Website with no SSL certificate: Not secure website

Website with SSL certificate: Secure website

A lock next to the website address means:

  1. Website identity is verified – content originated from the website owner`s server, not a fake clone.
  2. Data is encrypted in transit – no network intruders can see what data is sent and received between the visitor and server.
  3. Content is in its original form – nobody was able to modify or censor the information that was transmitted.

When a website has no SSL certificate or a part of its content is loaded from not secure servers, a browser shows warnings that the website is not secure and the visitor should not enter any information into it.

When a website has an expired or unreliable SSL certificate, a browser considers this a sign of a potential attack and prevents most users from entering such a website.

To protect visitors data and not scare them away with browser warnings, now every website needs a reliable and properly configured SSL certificate.

When an online shop does not have an SSL certificate, browsers scare your visitors away with security warnings.

Google ranks websites with no SSL certificates lower so that not secure websites receive fewer visitors.

If you already have an SSL certificate, the next step is an Extended Validation SSL certificate. Once installed, it shows your company name next to the website address. This assures the visitor that your company is legally established and this website really belongs to this company. When a customer is sure the website belongs to the entity he is paying to, there are fewer doubts to complete the order.

Website with an Extended Validation SSL certificate: Extended Validation SSL certificate

There are only a dozen widely-recognized certificate authorities in the world. The most active are 2: Comodo and DigiCert (with brands RapidSSL, GeoTrust, Thawte, Symantec). They offer multiple almost identical certificates at different price points, so making the right decision may be hard.

After the Symantec scandal everyone strictly complies with the CA/Browser Forum rules. Therefore, corresponding certificates from different authorities work identically.

Certificate authorities compete by differentiating customer service, issuing time and price. Resellers evaluate all these aspects based on their experience and recommend one or another certificate in specific cases. Usually these certificates are the best choice when buying from this specific reseller – they have the highest sales volume for these certificates and can quickly solve any problems during their issuance.

Resellers get different discounts from different certificate authorities, so their recommended options may differ. But when a reseller recommends the certificate that is not the cheapest in its category, it is worth to ask why. The cheapest certificate does not mean the worst. On the contrary, usually it is the best considering issuing time. As a result of its advantages, it achieved the highest sales volume, got the highest discounts from the certificate authority and eventually became the lowest cost certificate in its category.

SSL certificates differ in 2 major aspects: how many addresses they protect and what details of the website owner they contain.

Addresses (domains or subdomains) are defined by your system type:

  1. Websites and e-commerce sites that are accessed on a single domain use Single domain SSL certificates.
  2. Microsoft Exchange email servers and multi-site platforms that are accessed on multiple hostnames use Unified Communications SSL certificates with Subject Alternative Names – additional addresses.
  3. Internet platforms that allow their users to create subdomains use Wildcard SSL certificates.

Certificate validation type is defined by your certificate`s purpose:

  1. To protect visitors data – to consider your website secure, a Domain Validation SSL certificate is enough.
  2. To assure that the client is connected to the server that belongs to your company – when a special software is used instead of a browser or visitors know how to check the certificate manually, an Organization Validation SSL certificates is used.
  3. To show who owns the website – to assure visitors they came to a website owned by a legally established entity, an Extended Validation SSL certificate is required.

Wherever you buy a certificate, the same name certificate everywhere will be identical. Once you have it installed, the only differences are the price you paid and the customer experience you got. During the validation phase some reseller differences become apparent:

  • CSR upload and domain validation in a self-service portal – all certificate authorities fully automate domain validation. If a reseller has a fully integrated self-service portal, you may get your certificate in less than 5 minutes. But if there is a single manual step that requires the reseller`s input, for example you have to send the CSR by email or ask to change the domain validation email through the support ticket, the validation phase will take much longer. This becomes a hassle when you want to regularly re-issue your certificate for free.
  • Certificate installation instructions – CSR generation, CRT installation and CA-bundle installation may get complicated on different systems when you do it for the first time. Sure, you can find the answer on Google. However, it’s more convenient to get precise instructions from the seller at every step.
  • Support during extended validation – certificate authorities differ in small details how they check the organization. If you do everything absolutely correctly, you may get your certificate in 2 days. If you make some mistakes and the seller does not pro-actively solve them, you may get lost in the validation process for months. There are many small issues that require attention and experience: inprecise company name transliteration, forms filled in by a wrong employee, outdated contact details in the company databases, your local phone unreachable by the certificate authority, etc. A local seller that has helped to complete numerous validations of companies like yours will spot the potential issues and solve them in hours, not days.

Kriptografija.lt (UAB „Virtuali erdvė“) provides SSL certificates to hundreds of the largest Lithuanian and Latvian enterprises and governmental institutions. We have step-by-step installation instructions for all servers used in the Central Europe and know from experience how to solve complex European companies extended validation issues. Due to the high orders volume we have fully automated our certificate management system and get substantial discounts from the certification authorities. This is why we believe we can provide good customer experience for the lowest price to every Central European company when buying certificates.

Every certificate that we sell comes with these guarantees:

  1. Our recommended certificate will work perfectly, or we exchange it to another for free.
    We take responsibility for what we advise. If we make a mistake, we correct it at our own cost. When you buy a certificate with our recommendation, you are 100% sure the certificate will work for you.
  2. You will install the certificate to your hosting server in 15 minutes, or we install it for you.
    We provide detailed instructions how to install the certificate to any hosting server. If something is not clear, you can send us your control panel login details and we will install the certificate for you.
  3. We guarantee the lowest price among all providers that quote and sell certificates in Euros.
    We are the #1 SSL certificates reseller in Lithuania and we are expanding to the EU. Our sales volume allows us to guarantee the lowest prices in the region. If you find a better offer, let us know and we will beat it. The only condition – a better offer must be publicly available to everyone, not a private quote that we cannot verify.

In 2 working hours we will recommend you the most optimal SSL certificate for your server at the best price. This is a simple contact form, you will not be included in any mailing lists or contacted for any other reason.