Topic: What is SSL? (Read 163 times)

Google has started to show a warning about sites without SSL - so it's definitely good to spent an extra dollar on SSL while purchasing a domain name. Also services like Namecheap offers free promos for SSL while purchasing domain names.

SSL stands for secure sockets layer, an encryption technology that was originally created by the connection between your web server and your visitor's web browser. But I think SSL is the backbone of our secure internet and it protects your sensitive information as it travels across the world computer network. SSL is essential for protecting your website, even if it doesn't handle sensitive information like credit cards. It provides privacy, critical security, and data integrity for both your websites and your user's personal information.

SSL certificates for websites are issued free by Lets Encrypt for 3 months. Of course, you can renew them for another 3 months for free 

If you absolutely want to trust, look for Green Bar SSL (EV SSL). Because this type of SSL is not free and the issuing authority actually verifies that the business exists 

I never trust a website that lack secure socket layer especially a crypto website raising money such as ICO or an exchange. In addition to SSL, I used a google chrome web of trust extension in my browser to ensure maximum security.

SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.

It turned out to be science, ssl is now a trend.
My current website uses let's free SSL, which is very easy to use and free forever.

I want to add a little post 
The main reason why using SSL is to keep sensitive information during the sending process over the Internet in an encrypted way, so that only the recipient of the message can understand from the encryption. This is very important, because the information we send on the Internet requires the process of traveling from computer to computer until it reaches the destination server. Other computers that exist between you and the server can see your Credit Card number, username and passwords, and other sensitive information when this is not encrypted with the SSL Certificate.
When an SSL certificate is used, the information becomes unreadable by anyone except to the intended server when sending the information. This protects the information from hackers and identity thieves.

OK, so let's be clear about one thing:
SSL certificates only means that you have a secure connection to the server you are trying to connect with.
NOTHING ELSE!
It can be a phishing server with a SSL certificate. In that case, that would only mean that you have a secure connection to the phishing server.

In addition: You can also check for Docker Container to automatically set up your application with an let's encrypt certificate.

Actually, Let's Encrypt certificates are free forever and you can easily setup a cronjob to automatically renew the certificate every couple of months.

What is SSL?

SSL means "Secure Socket Layers" meaning it is a standard technology that secures sending data between two systems. In short it has encrypted link between server and client for example browser and website or server to server for example is payroll information.

SSL Certificate it is the green lock on your browser meaning the site that you visited is secured.


ADVANTAGES
-Encrypts Information
-Guards against Phishing attacks
-Better search engine rankings

DISADVANTAGES
-Cost
-Expired Certificate

There are three types of SSL Certificate

Extended Validation
The Certificate Authority (CA) checks if the applicant can use the specific domain name and they do a critical examination in the organization. There are EV Guidelines that needs to be followed before the CA approves the certificate.  The EV SSL Certificate is available to all types of businesses.

EV Guidelines


Organization Validation
It is like the Extended Validation but there is no guidlines like in EV. You can see the company information if you click the Secure Site Seal, it shows who is the person behind the site, it gains the trust of the website visitors.

Domain Validation
The CA checks the applicants right to use the specific domain that the applicant wants. There is no company identity and information displayed other than the encryption information in the Secure Site Seal.

Secure Site Seal
This is to help website visitors to know that you have invested to their safety and indicates that the transaction of data are secured.

If there is a website with no SSL that site is prone to hacking or maybe sometimes it is a phishing site. It is good to always login your accounts in a SSL Certified website to prevent hacking of account or loss of credit card information if you are buying goods online.

Does a website needs an SSL? YES. This is to help the website visitors to feel secured with their personal information and to earn their trust.

These are some sites that checks SSL for free.

- https://www.ssllabs.com/ssltest/
- https://www.1and1.com/ssl-checker


Disclaimer: This is only some insights that i researched and i tried to make it shorts so that it can be easily be understand. If you know more about SSL please add information. Thank you!



Sources:
https://www.websecurity.symantec.com/security-topics/what-is-ssl-tls-https
https://www.slideshare.net/JohnWard23/ssl-certificate-advantages-and-disadvantages[/list]
https://www.godaddy.com/garage/do-you-need-ssl-encryption-if-you-dont-sell-anything-on-your-website/
https://www.nutsandboltsmedia.com/does-your-website-really-need-ssl/
https://www.globalsign.com/en-ph/ssl-information-center/types-of-ssl-certificate/