It’s about trust. Customers are loyal to brick-and-mortar locations because they trust you’ll provide the best prices, top-tier service and always take care of their personal information. Yet what happens when those customers make the move to online shopping? How do you ensure any pieces of digital data you obtain — personal details, credit card numbers or transaction histories — are treated with the same level of security as hard-copy information? Start with SSL.
How Do You Set Up An SSL?
The acronym stands for “Secure Sockets Layer” and describes a protocol used to keep information safe when transmitted to and from your website. At its most basic, SSL acts as a form of digitized trust: You obtain a “certificate” from a recognized authority that demonstrates you have implemented data encryption procedures to secure all information moving to and from your website. Still sounds complicated, right? Let’s break it down.
Making the move to SSL starts with an application to a registered certificate authority (CA). To make this application, you need a functioning website that is registered to you personally or your company and must provide some basic information — such as your physical address, contact numbers or email addresses. Once the CA has verified this information, it will typically issue a temporary certificate that you can list on your website, which uses the existing trust of the CA to indicate you’re above board.
Next step? The CA generates a pair of “keys” — one public and one private — to encrypt information that travels between web browsers and your website servers. Only you get access to the private key, while the public key is automatically used whenever users submit a form, send an email or otherwise interact with your site. Finally, you’re provided with an “SSL Certificate” that your webmaster or hosting company installs on your site, which ensures that all incoming and outgoing communications are encrypted. As a result, your website URL gets to append the “s” and become “https,” and you can use the green padlock symbol that users often associate with trust and security.
Are you ready to make the switch and secure your website with SSL? Start with our quick-and-easy checklist to get up and running ASAP.
CHECKLIST: How to Set Up an SSL Certificate on Your Website or Server
SSL technology encrypts communication between web browsers and website servers to help keep customer data safe. Here’s a checklist of tasks to help your business put an SSL certificate to work.
Know the Basics
SSL protection obscures transmitted data using a public “key,” which a browser accesses when navigating to your site; and a private key, which only you know. Your server can decrypt the information, but hackers are out of luck.
Through your web host, upgrade to a dedicated (rather than shared) IP address. SSL issuers must ensure that traffic using your key is going to your site and not another hosted at the same address.
Create a Signed Request
A certificate signing request is encrypted text to be included in your certificate: organization and domain names, locality, etc. Ask your web provider to do this, or create one via your web hosting control panel.
Acquire a Certificate
Some companies issue SSL certificates for a small fee. Open-source options provide free, automated access to SSL certificates. You typically must create an account with the certificate authority, which verifies information and creates a public/private key pair.
If all goes well, your certificate authority should email a .CRT file to install. Your web provider might be willing to activate the certificate, or you can do so, again via your web control panel (“Install SSL Certificate”).
Enter https:// and your domain name. If you land on your site, the certificate is working properly. If the webpage won’t load, contact your certificate authority.
Update Your Site
Update any site links that transmit sensitive data (account logins, shopping carts, payment gateways) so that users will access your site through the secure, https-enabled URLs instead of just http.