Secure your website permanently for free!
As website encryption becomes expected by visitors and even required by some browsers SSL certificates are an important asset for every digital deployment.
22 March 2019
In todays tech insight we want to share one way to get a valid certificate to encrypt and secure your website at absolutely no cost!
What is SSL?
SSL stands for Secure Sockets Layer, which is a protocol to facility 2 important features:
- Encrypting the data transfer from your server / website to a visitors computer or phone
- Ensuring the identity of your website, to give a visitors peace of mind that they are seeing an authentic and not manipulated page
To enable these two things SSL requires the website owner to have a valid certificate, from a trusted third party, a so called certificate authority. Such a certificate can be issued in various ways that may or may not include extensive verifications and costs for the website owner.
Websites that are using SSL with a valid certificate can easily be identified by visitors, as they connect through the HTTPS protocol, instead of insecure HTTP.
Why do I need it?
Securing the transmissions from your website was always recommended and has become the de facto standard in recent years, as browser moved to warn users when opening an unencrypted website.
While offering your website via HTTPS and SSL is always a good idea, especially when you perform transmission of personal information (e.g. in forms), logins or sensitive account related data it is mandatory.
As browsers stepped up the enforcement of encryption requirements and will continue to do so, users grew to expect secure websites as well. For that reason at esugo we include encryption in all our clients websites to ensure a professional digital presence and industry leading security.
What certificates are there?
It is worth noting that there are several types of certificates, that can be broadly categorised in domain validated and extended validation.
The first one ensures that the certificate was issued to the owner of a website, while an extended cert can validate the identity of a company or organization, for an added layer of protection for sensitive products (e.g. online banking).
How to get it free?
Traditionally the required certificates to enable SSL were only available from a few select companies and therefore prices remained high for a long time. Generally certificates are only valid for a certain time until they need to be renewed.
While that validity can range over many years browsers do not appreciate long lived certificates and may even reject them, as identity and operation of a website can not be guaranteed for too long. Therefore we recommend to not use certificates that are valid for more than one year.
While extended validation certificates are still rather costly, due to the amount of manual processes involved, with the recent arrival of Lets Encrypt domain validation certs can now be obtained completely free.
These free certificates are accepted by all major browsers and have little difference to paid certs in every day operations. However certificates from lets Encrypt are only valid for 90 days after which they will need to be renewed, again at no cost. To streamline that process we are using certs from our partner Buypass AS, a Norwegian certificate authority with an unbeaten track record of security, which are valid for 180 days and as well forever completely free.
You can find out more about how to get one of those certificates for your website here. If you have more questions about securely transmitting your website or how to integrate the tech from this article don't hesitate to get in touch with our experts by filling out the form below or email us to firstname.lastname@example.org!