Ah SSL, it was once an obscure term known only by developers and sys admins, now – everyone knows it…or do they? Well I think most people’s definition of SSL is something like “the thing that puts the green box in the browser window.”
While this is true, there’s a bit more going on behind-the-scenes and I thought now would be as good a time as any to do a deeper dive into what SSL actually is and why it has become so important.
First, let’s get a little technical (don’t worry, I won’t get too geeky on you) and talk about what SSL actually is.
What is SSL?
SSL stands for Secure Sockets Layer…and this probably means absolutely nothing to you unless you have an engineering or CS degree. Luckily the concept really isn’t that hard if you break it down, let’s start with sockets.
What is a socket?
Sockets are simply ways for computer to talk to each other, or to even talk to themselves. The idea comes from UNIX, and if you don’t know UNIX, that’s okay, I can explain it in a way you’ll understand either way.
Essentially, in UNIX when you’re reading and writing files you come across something called a file descriptor. You can think of a file descriptor as a simple number that tells the computer where your file is, i.e. an indexing system. If you have 100 files on your computer, and you’re trying to find one, having them organized in a table with a unique number assigned to each one makes life easy, for the computer that is.
A socket works like a file descriptor, it keeps things organized when you’re trying to read and write data between two computers, or within a computer itself…but let’s just think of two computers talking to each other for this example.
So now let’s put this all into a real world example. I go to a website, this means my computer makes a request to another computer (a server) somewhere out there in the Interwebs. How do we communicate together? Through a socket, got it?
Now you can probably guess what’s coming next. The first “S” in SSL stands for secure, so all that means is that the communications over the socket are secure. That makes sense since more than ever people are now sending things like their credit card number and social security numbers to websites…you want that to go through a secure communication channel (socket) right?
Okay, now you should have a pretty solid understanding of what SSL is. Of course what you probably hear about the most isn’t SSL itself but instead an SSL certificate. So we’re not done yet.
What is an SSL Certificate?
An SSL certificate is what guarantees the security of communications through SSL. Here’s a rundown of how it all works together, let’s take this one step at a time:
- You connect to a website using a web browser. The web server is using SSL to secure the site so the browser asks the web server to identify itself.
- The web server send the browser it’s SSL Certificate, i.e. saying – here’s who I am and why I’m able to promise that I’ll keep our communications nice and secure.
- Your browser then checks to see if it trusts the SSL Certificate. If it does, it tells the web server that all is a-okay.
- The web server then responds confirming that everything is good to go and starts an encrypted SSL session.
- Data being sent between your computer (via your web browser) and the web site (via their web server) is now encrypted, i.e. secure.
Now you should be able to understand why an SSL Certificate is such a critical part of this process, without it, there’s now way for both sides to validate that they trust each other. And like most things in life, without trust, communication falls apart.
But it doesn’t quite end there. There is one more really important thing you need to know about SSL, and that’s it’s connection with SEO.
Why SSL Certificates are so important today
Here’s something you might not know. Google now uses SSL as a signal in their ranking algorithm. This means that if you don’t have SSL, you won’t rank as well, it’s that simple. Just in case you don’t believe me, you can read it directly from Google themselves below:
For these reasons, over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal.(Source – Google Security Blog)
Okay, now let’s end with the good stuff. How much do SSL Certificates cost?
The price ranges from $10 up to around $100 depending on what level of certificate you’re looking for. Whenever I’m in the market for an SSL Certificate I usually look around for registrars that are running a special.
I recently learned that 101Domain is running a special through June 12th on SSL Certificates, with prices starting as low as $9.59 for basic SSL. Here’s the full table of pricing with the promotion:
Last but certainly not least
You do not need to buy an SSL Certificate at the same place that you have your domain registered. You can buy a certificate anywhere so I’d always look for the best price since different registrars run promotions at different times.
I hope this article was helpful, at the very least, if someone asks you what the heck is SSL, you’ll be able to drop some serious knowledge. Thanks for reading and if you have any other questions about SSL feel free to ask away in the comment section below!