There’s been a huge shift over the past years, with websites now being all-but-required to install what’s known as an SSL Certificate.
If you’ve ever wondered what that is, well, in a nutshell, it’s a protocol that creates a secure connection to your website keeping your visitors safe from bad people.
So if your website has any form of login, contact form or payment processing, an SSL Certificate is what is needed to protect your visitor’s data as it transfers from your website to the web server.
In fact, it’s so important that most Payment Gateways (a service, like Stripe or PayPal, that is used to process payments on a website) will refuse to process payments unless it detects an SSL has been installed.
How to tell if a website has an SSL installed
You will probably have seen this many times before, Google’s Chrome web browser does a great job at really highlighting websites that don’t have an SSL installed, it is in part, thanks to Google that the internet has seen such a shift in the adoption of SSL’s over recent years.
To help us demonstrate, we’ll use a fantastic service called BadSSL.
If you visit a website that simply does not have an SSL certificate installed, you’ll probably see something similar to this in the address bar of your browser:
This can be pretty scary for some visitors when they’re visiting your website, especially if they intend to make a purchase.
In most cases, simply not having an SSL won’t physically stop the visitor from using your website, but it will likely unnerve them. In most cases, visitors will instead choose to find the product or service from another provider for their own peace of mind. Obviously this is not what you want!
To check if your website has an SSL installed, type https:// before your website address in the browser address bar.
i.e if your website address was speccymedia.com, type http://speccymedia.com
If you have an SSL installed you’ll see no warnings and you’ll probably be shown a Padlock icon next to your web address in the Address Bar, like this:
If you see the warning shown in our earlier example, then you don’t have an SSL certificate installed.
Can a website with an SSL ever not be secure?
Yes, actually. Though rare, there are a few instances where a website that has an SSL installed isn’t actually fully secure and will produce various browser warnings from the subtle to the completely in your face.
This first example is probably the most common, especially as more and more websites install an SSL on their webserver.
Visitors will see this mixed-content warning if your website has an SSL installed, but parts of the website being shown aren’t using the secure protocol.
This usually happens with images. Let’s say that some time ago you added some images to your website and embedded them directly into the webpage. When images are shown, the browser is actually following a path to the image on your web server, so it can render the image on the page.
Typically, the code will look something like this:
<img src="http://mywebsite.com/images/my-favourite-book.png" alt="My Favourite Book" />In this example, the code is linking directly to the image via the http protocol. Meaning that the image is being served from a non-secure connection.
Luckily, if the images are on the same web server as your website (this is very common) there’s an easy fix; just change http to https on each image path and your website will stop showing mixed-content warnings.
(Other common file types that can cause this warning are PDF’s, MP3’s and MP4’s – just follow the same steps for images and you’ll be good to go)
How long does an SSL last?
SSL certificates are usually issued for a year at a time and will need to be reissued at the end of the year, so it’s a good idea to put a note in the diary for when your SSL’s expiry date is approaching.
If you allow your SSL to expire without getting a new one issued, your visitors could see a warning like this:
This warning completely takes over your website and visitors will have to make a very special effort to opt into proceeding. Most likely, they’ll very quickly click the back button and find another website.
How to Install an SSL Certificate
There are actually several different types of SSL Certificates available, which can get pretty confusing. The reason for this is that some certificates are issued by governing bodies who will check that you and your company are what you say you are and do what you say you do.
It can give that extra peace of mind to visitors, and you’ll often see examples of these sorts of SSL’s on websites of large corporations.
Some browsers even go so far as to highlight the websites that have gone through this extra step. Mozilla Firefox, for example, shows the SSL for Barclays Bank highlighted green together with the official company short name.
For most websites though, you only need a “cheap” or even free (more on this in a minute) SSL Certificate.
Install an SSL via your web host
The easiest way to install an SSL is to approach your web host. Most web hosts will offer SSL installation out of the box, and often you won’t need to do anything other than purchase the certificate and click a button to install.
Typically, you’ll be spending between £5 and £40 for a basic SSL Certificate installation at your
Install an SSL for free with Let’s Encrypt
Let’s Encypt is a not-for-profit certificate authority that issues SSL certificates completely for free! They offer certificates to any website where the certificate requester can demonstrate that they have control over the website domain name.
Unless your
Here’s a list of common web hosts that offer Let’s Encypt with either automated installation or support for certificate installation.
Conclusion
All websites should be offering their visitors a secure connection so that they can browse, submit data and purchase products with confidence that their personal information is safe.
Certificates can be issued for free via Let’s Encypt, though it is often easier to purchase a cheap certificate directly from your
If you’d like us to install an SSL for you, we totally can! Drop us a message. This service will cost around £25 (depending on how long it takes us with your web host) plus the cost of the certificate and we’ll usually have it done that same day.