SSLs, they’re everywhere or perhaps they should be!
SSLs (Secure Sockets Layer) have been a staple of the Internet for many years and make things like purchasing products on Amazon or logging into Facebook even really possible. Without SSLs people would be able to “listen in on” any information you send to a website such as credit card numbers or usernames and passwords. As you can imagine a world without SSLs would be dangerous and the Internet would end up being far more boring.
“SSLs are growing in popularity and can have a positive impact on both how search engines rank your website and also how much end users feel they can trust your website.”
How SSLs work
SSLs work by creating a secure, encrypted connection between users (browsers) and websites (web servers) using a set of public, private and session keys. Once a website has gone through an “SSL Handshake” process with a website, the connection is secured and any information sent is encrypted using the keys.
SSL Handshake Process
A little techie, but this is how it all works:
- Your browser connects to a website secured with an SSL. Browser requests the web server’s identity.
- Website will then send a copy of its SSL Certificate and the web server’s public key to your browser.
- Your browser checks the certificate root against a list of trusted CAs and makes sure that the certificate is unexpired, unrevoked, and that its name on the certificate matches the website you’re trying to connect to. If the your browser trusts the certificate, it creates, encrypts, and sends back a session key using the web server’s public key.
- Server hosting the website decrypts the symmetric session key using its private key and sends back a message encrypted with the session key to start the encrypted session.
- Web server and your browser now encrypt all transmitted data with the session key.
Do I need an SSL?
For many years most sites didn’t even consider getting an SSL because SSLs were considered something only e-commerce websites needed. While that may have been true in the past, for a couple of years now search engines, specifically Google, has been valuing and ranking sites secured with an SSL slightly better than their non-secured competitors. This ranking boost, in addition to a growing user expectation for secure websites has led many sites to adopt SSLs even if they’re not selling products.
Many big names in the Internet world like Google are pushing for a more secure web by encouraging websites to transition to using an SSL. As users grow more accustomed to seeing that little green padlock in the address bar it’ll become even more important that your site also show that it’s secure and the users can trust your site even if they’re simply filling out a contact us form.
SSLs are growing in popularity and can have a positive impact on both how search engines rank your website and also how much end users feel they can trust your website. The days when SSLs were for e-commerce stores are long gone and a fully secured website is right around the corner. Be sure you’re not late to the party and talk to your Vivid Image account director about your SSL options.