With Google’s recent announcement that the lack of website encryption (ie SSL/HTTPS) will start to have a negative effect on search ranking it is important to know what it is and how to enable it on your website.
SSL stands for Secure Socket Layer. What it does is authenticate your website’s identity and encrypt the information visitors receive and enter on your site. This allows sensitive information like credit card numbers and passwords to be transmitted securely.
All browsers have the capability to interact with secured web servers using SSL protocol. You may sometimes see web addresses that begin with https rather than http, that means the page referenced by that URL is secure. Most browsers will also display a lock icon or display a green address bar, to indicate that a page is secure.
Having a secure connection allows your website visitors to feel confident about submitting sensitive information such as credit card information to your website. This includes making payments for memberships, event tickets and donations.
In order to establish a secure connection with your web server, your server has to have a SSL certificate installed. There are a lot of companies you can purchase a SSL certificate from including: digicert, Go Daddy, Namecheap, and Thawte. There can be a big difference in price between brands, but a little known secret is there is really no functional difference between similar certificates between brands for modern browsers.
The only thing you need to decide on is the level of verification performed by the SSL certificate issuer. For a basic SSL certificate, the issuer simply verifies that the you have ownership of the domain by sending a confirmation email to the email address on record for the domain. Extended Validation (EV) certificates go further by checking your business or non-profit identity. That identity is displayed by some browsers in the address bar, increasing trust. However EV certificates can take much longer to be approved, and may require notarized statements from your CPA or lawyer. Most organizations would be well served with just a basic certificate.
The process of obtaining a SSL certificate goes like this – first you generate a SSL certificate request and SSL private key on your server. You then purchase a SSL certificate through the company of your choice, and submit the SSL certificate request to that company. Once the certificate is issued, you can install the certificate on the server together with the matching SSL private key that was generated with the certificate request.
The exact process of generating a SSL certificate request and installing the certificate will vary depending on your server/hosting provider. If you’re using MembershipWorks for your website hosting, we have a guide that walks you through how to obtain and install the SSL certificate through the MembershipWorks interface.
Providing a secure way for your members to purchase membership and event tickets is important as people are increasingly concerned with the security and privacy of their information. Obtaining a SSL certificate is not as difficult as it appears, and will reap you dividends in improving your online conversion rates, reducing customer service calls from members and increasing your SEO.