SSL for everyone

In the title I wrote SSL but to be more precise it should be SSL/TLS certificate. This is because now if you obtaining ‘SSL’ certificate chances are that it will work.both with SSL and TLS protocols.

It’s time to change

No doubt that having a website served via HTTPS protocol makes sense. Especially when you dealing with passing sensitive data in such situations like filling forms. But if you have only simple information page you shouldn’t even bother. (Un)fortunately Google decided that it’s high time for make full transition to https:// everywhere.

https://www.blog.google/products/chrome/milestone-chrome-security-marking-http-not-secure/

Possible options of obtaining certificate

There are three types which have different level of assurance :

  • Domain Validated (DV) SSL – they check your right to use a specific domain
  • Organization Validated (OV) SSL – additionally check you/your company.
  • Extended Validation (EV) SSL – even more checking (investigating) of you

When I was considering putting this blog to ‘green padlock waters’ I’ve started to seek the easiest/cheapest way. I came with those options:

Buy yourself

Not so long ago you had to buy those from one from certificate authority providers. There are many offers starting from 20$:

SSL.com

Comodo

 

Game changer

Let’s Encrypt – free open source project, yes it’s free. If you manage server by your own you can simply install it.

When you’re running your site on shared hosting chances are that they offer SSL certificates as a free feature. There are some companies offering automatic implementation of Let’s Encrypt certificates:

 

Man-in-the-middle

Cloudflare, a CDN provider offers encryption for connection between them and the user. This solution in any case doesn’t improve security, but web browser display ‘https://’ url anyway.

Flexible SSL - Cloudflare
https://www.cloudflare.com/ssl/

Of course you can combine it with certificate on origin side issued by Cloudflare, or elsewhere.

 

Get Free Email Updates!

Signup now and receive an email once I publish new content.

I agree to have my personal information transfered to MailChimp ( more information )

I will never give away, trade or sell your email address. You can unsubscribe at any time.

Leave a Reply