×

Warning

JUser: :_load: Unable to load user with ID: 316003157

What's an SSL Certificate?

An SSL Certificate is an essential and powerful tool used to secure your website as well as visually reassure your visitors that their connection to your site can be trusted. While the security of the internet is evolving and new security tactics are being implemented, it's important to understand these changes and how they can affect your website.

Most browsers and mobile devices will discourage and/or warn you of a website's security protocols in use, based on the SSL Certificate installed. Additionally, many search engines will consider higher rank results for sites that have implemented an SSL Certificate (and using the https:// protocol over the non-secure http:// protocol). Whether you are maintaining a small informational website or even thriving with a successful online store, you've probably asked yourself: "What kind of SSL Certificate do I need to secure my website?" In this article, we'll explain the differences in "Free SSL" and "Dedicated SSL" Certificates which should help you decide which kind of SSL Certificate suits your website's security needs best. This will ensure that you are using the right tool for the right job!

What Does an SSL Certificate Actually Do?

An SSL Certificate simply put, is a digital file that contains information to authenticate the ownership of a website (or web server) and a cryptographic key, provided and authenticated by an authorized Certificate Authority (CA). Browser, operating system, as well as mobile device companies all maintain their approved certificate authorities lists. As long as a certificate issuer is a valid member in this (pre-installed) list, typically called the "Trusted Root CA Store", then the SSL Certificates they issue, will be trusted by browsers transparently. The certificate's validity is visually identified, as it trickles down to the end user via the browser. This allows the visitor the ability to quickly identify and trust, a secured website. This trust is symbolized by the more commonly known, "green padlock" displayed in the address bar. A green padlock indicates that the connection, from the browser to the server hosting the website, is properly encrypted for security and also that the domain's ownership is authentic and validated by the approved CA.

  • You can see the basic green padlock that displays for a Free SSL Certificate as an example in this screenshot:

    Green Padlock Displayed

  • You can hit F12 to view the certificate more in depth

    Click F12

  • Then select "View Certificate" to review the additional details of the Certificate

    View Certificate

The encryption used for a Free SSL and Dedicated SSL Certificate is generally the same. There is no difference in the encryption methods between free and dedicated SSL Certificates, as they are typically encrypted using the latest standard (currently TLSv1.2). Although the encryptions are similar, there are some minor differences that are important to consider when deciding whether a Free SSL or Dedicated SSL Certificate is best for you.

Validity

Free SSL Certificates only provide validation for ownership of a domain. Due to the nature of validation, only one domain can be secured by a Free SSL.

Now that many of the well known Certificate Authorities are offering "Free" SSL Certificates, the trust relationship between browsers and servers can be completed automatically and in lieu of (less trustworthy) self-signed certificates. However, a Free SSL still only authenticates the domain's ownership.

Why Use Free SSLs over Self-signed SSLs

Previously, the only "free" SSL Certificate that was available, was a "self-signed" certificate. This method, in which the server provides its own encryption key for secure sessions with browsers, relied on trusting the server administrator in validating the ownership of that domain. Since only CA's adopted by the browsers are trusted by default, this would trigger a pop-up security warning to indicate to visitors that the certificate was indeed encrypted. However, the authenticity of the ownership of the domain was not validated by an authorized CA. This kind of validation did not provide an avenue for browsers to automatically trust self-signed certificates, thus requiring users to "trust" the certificate by adding an exception to accept the certificate.

The validity of a Free SSL Certificate is typically a shorter term (30-90 days) than that of a Dedicated SSL Certificate. A Free SSL Certificate would expire sooner, thus requiring additional maintenance to maintain the validity of the Free SSL Certificate.

The most prominent difference in any Dedicated SSL Certificate versus a Free SSL Certificate is the validity of the certificate. Dedicated SSL Certificates may include more in depth validation. For instance, an Extended Validation SSL Certificate would authenticate not only the owner of the domain but also the validity of the business that claims to be the owner of the website. Although the encryption works the same way, this added layer of validation can help your visitors trust your website and business as one entity. The screenshot below shows the business and green padlock (in the address bar):

Green Address Bar

Utilizing Extended Validation or Organization Validation can help to reduce the threat of phishing. These Dedicated SSL Certificates require that the CA authenticate the validity of the claim that a business or organization owns the secured website. If a phishing attempt is made, it can be easily identified by the omission of these details. Your visitors will not see the trusted Certificate if lead to a website that is not validated accordingly.

Finally, a Dedicated SSL Certificate generally has a longer term (1-3 years) available. Thus it will remain valid longer, requiring less maintenance.

Additional Features

Dedicated SSL Certificates can come with additional benefits. However, the benefits of a Dedicated SSL Certificate can vary among providers but most commonly include securing multiple domains and/or wildcards. Although this article focuses on the differences between Free SSL and Dedicated SSL Certificates, it's important to note that Dedicated SSL Certificates may include different features, that Free SSL or other kinds of Dedicated SSL Certificates do not. For example, some CAs include their own support and various tiers of insurance/warranties. Weighing the pros and cons of those benefits should help guide you in your decision should you decide to purchase a Dedicated SSL Certificate.

Further Recommendations

If you simply want to secure your blog or informational website to ensure trust among your visitors, then a Free SSL Certificate should suffice. You can review our article to obtain a Free SSL.

If the features that are offered with a Dedicated SSL Certificate are needed for your business, then implementing the Dedicated SSL Certificate would be ideal. Generally, websites that are targeted by phishing should implement a Dedicated SSL Certificate. You can review our article to obtain a Dedicated SSL.

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address
Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Did you find this article helpful?

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!

Help Center Search

Current Customers

Email: support@WebHostingHub.com Ticket: Submit a Support Ticket
Call: 877-595-4HUB (4482)
757-416-6627 (Intl.)
Chat: Click To Chat Now

Ask the Community

Get help with your questions from our community of like-minded hosting users and Web Hosting Hub Staff.

Not a Customer?

Get web hosting from a company that is here to help.