Every user has likely encountered the message “Insecure connection” at least once in their browser. Many leave the site, concerned about their data security. But how does the browser ensure your safety?

When you visit a website, the browser checks for an SSL certificate. This is how it determines whether the site is secure. Without a valid SSL certificate, your site risks losing users’ trust, becoming an easy target for hackers, and potentially being blocked by search engines.

At SpaceLama, we care a lot about SSL validation (that’s our business, after all – selling domain names and SSL certificates). So we’re always eager to explain what an SSL certificate is, how it works and how to choose the right one.

What is an SSL certificate?

An SSL certificate is a security technology that encrypts data transferred between a user and a website. Simply put, it’s a digital certificate that verifies your website’s security, helping to build trust with both browsers and users.

When a site is protected by SSL, a padlock icon appears in the address bar, and its URL begins with https:// instead of http://.  This indicates that all data (i.e. passwords, credit card numbers, and personal messages) is transmitted in encrypted form, preventing interception by hackers.

For Google Chrome users, the presence of a certificate is indicated by the “Settings” or “Tune” icon.  

How does SSL technology work?

1. The browser (your computer) uses the site’s public key to encrypt data such as a password.
2. The encrypted data transforms into an incomprehensible string of characters that is unreadable to anyone except the site owner.
3. The site’s server then uses its private key to decrypt the message and retrieve the original data.

Even if a hacker intercepts the data, they won’t be able to read it because they don’t have the private key.

Think of it like a lock with two keys: one key can only lock it, while the other can only unlock it.

• The public key acts like a box with an open lock that anyone can use to drop a message inside and lock it. However, only the holder of the private key can unlock it and read the message.
• The website owner securely keeps the private key, which is essential for unlocking the box and accessing the message.

Why are SSL certificates important?

In today’s internet, data is as valuable as currency. On websites, users enter passwords, payment details, personal information, and phone numbers. Without SSL, this information is transmitted in plain text, making it vulnerable to interception by hackers who can exploit it for their own purposes. 

An SSL certificate encrypts this data, rendering it unreadable to outsiders. This is especially important for online stores and payment systems, websites with personal accounts (such as banking, email services, and social networks), and online forms that collect sensitive information (like logins, passwords, and questionnaires).

If a website is not protected by SSL, it becomes vulnerable to various attacks. Here are the most common risks:

• Data interception (Man-in-the-Middle Attacks, MITM). A hacker can insert themselves between the user and the website, allowing them to replace information or steal sensitive data, such as login credentials or payment information.
• Phishing and website substitution. Cybercriminals can create a fake version of your site to steal user data. Without SSL, the browser cannot verify the authenticity of the site.
• Penalties from Google and decreased trust. Sites without SSL are marked as “Not Secure” in browsers. Additionally, Google ranks unsecured websites lower in search results, prioritizing user safety.
• Loss of customers and reputation. John Cabot conducted a survey of 1,324 (yes, that’s a weird number) people to find out how the “Not Secure” warning affects user behavior. That study found that 46% of users would not enter their name, password, or credit card information on an unsecured site, and 64% stated they would leave the site immediately. Additionally, the study revealed that 14% of respondents feared their device had been exposed to a virus, while 8.4% believed it had signed them up for spam emails, and 12% thought they were encountering a fake version of a legitimate website. Furthermore, 9% were somewhat less suspicious, believing the warning indicated that the content was unreliable and not fact-checked. That’s quite a hefty price to pay for not using a proper SSL certificate!

Types of SSL certificates

Not all SSL certificates are created equal. They come in different types, varying by the level of verification and the number of domains they protect. Let’s take a closer look at each type.

Certificates with Domain Validation (DV)

This is the most basic level of protection, ideal for small sites, blogs, and personal pages. 

The certificate is issued automatically after confirming the domain’s ownership via email or DNS record. It does not require any company verification or proof of identity.

Pros	Cons
Fast issuance: from a few minutes to a couple of hours	Does not confirm the identity of the site owner, only domain ownership
Most affordable option	Not recommended for e-commerce and business sites as it lacks a strong trust factor.
Sufficient for personal projects and blogs

Certificates with Organization Verification (OV)

These are ideal for business sites that handle user data but do not require strict verification. In addition to domain verification, the certification authority (CA) verifies the company’s documents, such as registration data. Once the certificate is issued, users can view information about the owner in the certificate details.

Pros	Cons
More trustworthy than DV	The issuance process takes several days
Confirms that the site belongs to a real organization.	More expensive than DV
	The company name is not displayed in the browser’s address bar

Extended Validation certificates (EV)

These provide the maximum level of trust and are ideal for banks, social networks, utilities companies, online games, travel aggregators, gambling and betting sites, large e-commerce stores, and services where security is critical. 

The verification process includes a thorough examination of the company, covering registration documents, legal status, contact information, and owner identity. Once approved, the company name is displayed in the browser’s address bar. 

If your site processes payments, stores personal user data, or operates in the financial sector, an EV certificate is highly recommended.

Pros	Cons
The highest level of trust.	Long verification process: can take several weeks.
Minimizes the risk of phishing attacks, as attackers cannot easily fake an EV certificate.	More expensive than OV and DV.

In addition to classification by verification levels, SSL certificates are categorized based on the number of domains or subdomains they can protect.

1. Single-Domain SSL
   This type protects only one domain. 
   For example, if you obtain an SSL certificate for example.com, it will not work for shop.example.com or blog.example.com.
2. Wildcard SSL
   This certificate protects a primary domain and all its subdomains. 
   For instance, it covers example.com, shop.example.com, and blog.example.com.

Wildcard SSL is issued for the main domain (*.example.com), providing protection for unlimited subdomains. Please note that this certificate does not support the EV verification level (only DV or OV).

3. Multi-Domain SSL certificates (SAN – Subject Alternative Name)

These certificates protect several domains simultaneously within a single certificate. 

They are suitable for companies with multiple sites.

You can specify several domains at once in the certificate, and all of them will be protected.

How to obtain an SSL certificate

Step 1: Determine which SSL certificate you need

Before purchasing, it’s important to understand the level of protection your site requires. Ask yourself: what type of site am I securing?

If it’s a simple blog or personal page, a DV certificate from SpaceLama is ideal. For an online store or corporate site, an EV certificate will provide maximum trust, while an OV certificate is suitable for a site related to a bank or financial service.

Not sure which certificate to choose? Contact SpaceLama! Our experts will help you select and quickly set up the right SSL certificate.

Step 2: Choose a reliable certification authority (CA)

A certification authority (CA) is an organization that issues and verifies the authenticity of SSL certificates. Think of it as a trusted intermediary between the site and its users, ensuring that the site belongs to the declared owner and that the connection is secure.

At SpaceLama, we partner with leading CAs recognized by browsers and search engines:

• RapidSSL is the perfect solution for quickly obtaining basic website protection.
• GeoTrust is a balanced option for businesses, offering an optimal price-to-quality ratio.
• DigiCert is one of the most trusted providers of SSL certificates for corporate-level security.

Step 3: Order an SSL certificate through SpaceLama

Ordering a certificate through SpaceLama is a straightforward process that takes just three easy steps:

1. Choose the certificate type on the SpaceLama website.
2. Provide the necessary information: registration documents may be required depending on the certificate type.
3. Receive and install your certificate with 24/7 support from SpaceLama.

It’s important to note that a DV certificate is issued instantly, while OV and EV certificates require verification, which can take anywhere from a few days to a couple of weeks.

Step 4: Install the SSL certificate

Once you receive the certificate, it needs to be installed on your server. If you host with SpaceLama, the certificate is activated automatically! If you’re using a different server, follow the instructions for Apache, Nginx, cPanel, or Plesk.

Step 5: Set up automatic SSL renewal

SSL certificates have an expiration date, typically ranging from 1 to 2 years. To ensure your SSL certificate never expires, enable automatic renewal in SpaceLama.

Maintaining your SSL certificate

Installing an SSL certificate is only half the job. You also need to monitor its status to avoid security and trust issues. If the certificate expires, browsers will immediately display a “Not Secure” connection warning, which can deter users and negatively impact your SEO ranking.

How to properly monitor SSL?

1. Set up renewal reminders. SSL certificates typically last 1 to 2 years, and it’s easy to forget to renew them. SpaceLama will automatically notify you about renewal.
2. Use automatic renewal. If your hosting provider supports it, activate automatic SSL renewal to avoid downtime and prevent browsing security warnings.
3. Monitor the status of certificates. Regularly check your SSL for errors, such as:
   1. SSL not matching the domain
   2. Expired SSL certificate
   3. SSL not enabled on all pages.
4. Update SSL when changing servers or domains. If you move your site to another server or change your domain, be sure to reinstall the SSL certificate to maintain a secure connection.

---

Ensure the security of your website and protect your users’ sensitive information with SpaceLama’s trusted SSL solutions.

Don’t compromise on safety. It’s a dangerous game that’s not worth playing. Take action now to secure your site, and enhance your credibility and trustworthiness. 

Visit us today to explore SpaceLama’s range of SSL certificates (disclaimer: we’ve got them all) and start safeguarding your online presence.