Do I Need an SSL Certificate?

A question that many business ask is whether or not they need an SSL certificate for their website. Until recently the answer has been that if your users were entering sensitive information on your website such as name, address or payment details then you absolutely should be using an SSL certificate. However, if your users were not entering sensitive information on your site then it probably wasn’t necessary to have an SSL certificate.

But this all changed recently with Google announcing that they would be aiming to create a safer web:

“To help users browse the web safely, Chrome indicates connection security with an icon in the address bar. Historically, Chrome has not explicitly labelled HTTP connections as non-secure. Beginning in January 2017 (Chrome 56), we’ll mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.”

Not secure credit card

This means two things: Firstly, as stated, Google will mark http pages that collect passwords and payment details as non-secure in search results. Secondly it indicates that this will be expanded to include all http pages regardless of content in future.

“Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.”

Google Logo - SSL Certificate

This means that although it may not be immediately necessary to have an ssl certificate from the point of view of being marked secure or not there will come a time in the near future where it is essential.

However, Google have also announced that, in addition to marking sites as secure or not, they are penalising non-https sites position in search results.

This means that whether you are handling sensitive information or not if you want to continue to rank highly in Google search you need your website to be on a secure SSL connection.

What Actually is an SSL Certificate?

Put simply an SSL certificate is a small data file that binds a cryptographic key to an organisation’s details. When installed on a server this allows the website to pass information between the user and the server in a scrambled format that is only decipherable using the cryptographic key. In this way it is possible to pass sensitive information in a much more secure way making your site less susceptible to hackers using methods such as man in the middle attacks.

When an SSL Certificate is active on a website you will see the padlock symbol in the address bar and https (Hypertext Transfer Protocol Secure) in the web address instead of plain http (Hypertext Transfer Protocol).

address-bar SSL Certificate

How Do I Get an SSL Certificate?

SSL Certificates are available from a number of different providers including RapidSSL and Symantec and many hosting providers also offer SSL Certificates.

If you don’t want to have to spend the time working out how to set up an SSL Certificate yourself then check out our SSL Certificate setup service. We’ll guide you through the purchase of your SSL Certificate and then do all the leg work installing and configuring it for you.