An SSL certificate is something you've heard a lot about, and if you want to build a website or a WordPress blog, you're looking for a host that offers it, right?
Due to the importance of SSL certificates, we've written a comprehensive article about them:
Contents of the article:
Note: In this article, the words: User, Browser, Browser, Browser program, Client, refer to an Internet user.
While the words: Server, server, web server, web server, hosting server refer to the hosting company's server that contains the website.
And abbreviations: SSL, TLS, and https refer to one meaning.
What is SSL? What is TLS?
SSL is an abbreviation for Secure Socket Layer In Arabic it means: Secure Sockets Layer and similarly TLS Abbreviation for Transport Layer Security Arabic for transportation layer security.
TLS is the newer version of SSL, but because the term SSL is more common, it is more commonly used.
This means that the two terms are synonymous and are a layer that deals with the security and encryption of the information exchanged between the server and the client.
That is, the connection that occurs between the hosting server on which your website is hosted and the browser software that you use is made secure and encrypted so that the information exchanged within the connection is encrypted.
It can also be said that it encrypts the communication between devices that are connected to the Internet and between which communication takes place in order to exchange and transfer information between them.
In other words, https, SSL, or TLS prevents hackers from reading or modifying the information transmitted between the two connected devices by encrypting it.
We conclude from the above that:
TLS or SSL is a layer that encrypts information exchanged between devices connected to the internet. In the case of https websites, it is a protocol that encrypts information between the browser (you) and the hosting server to prevent hackers from reading or modifying it.
How does an SSL certificate work?
In order for the connection between the server and the browser to be encrypted and secure, an SSL security certificate is required:
- The browser attempts to connect to the hosting web server with a secure connection through https
- The server sends a copy of the SSL certificate as a response
- The browser validates the SSL certificate and if the validation is positive, the browser sends a signal to the server
- The server fulfills the browser's request for a secure connection.
You may think the process takes a long time, but it's all done in tiny fractions of a second (milliseconds).
How does Encryption work in SSL certificates?
SSL certificates have two keys:
- Public Key It is used to encrypt information on the browser side and is called public because you can see it and know it.
- Private Key It is used to decrypt information from the server side. It is called a private key because it is not seen and cannot be known. Only the server knows it.
See the following image that shows how SSL security certificates work with a description of the encryption scheme:
SSL certificates provide a layer of protection for the communication between the server and the user by encrypting the information with the public key on the user side and sending it encrypted to the server side, and the server decrypts it with the private key.
What is the difference between http and https?
Both are protocols designed to connect your device through your browser to the hosting company's web server. Information within the connection is encrypted when using the https protocol, while it is unencrypted when using the http protocol.
The previous image represents the use of https. The next image represents http:
How do you know if the website you're visiting uses an SSL certificate or not?
You can tell that a forged site is using a TLS, SSL, or https certificate in several ways:
- The URL starts with https with the padlock sign appearing before it
- Browsers such as Google Chrome give you a warning when you visit a site that does not display the site, but instead displays a page stating that the site is not secure for various reasons, including the lack of https security certificate.
In addition, the browser shows Not Secure before the link if the site does not use a TLS certificate.
Does my site need an SSL certificate?
The answer is definitely yes and that:
- to provide an extra layer of protection.
- SSL certificates have become a requirement for search engines.
- An SSL certificate also increases the user's confidence in your site when they see the green color.
- The not secure issue in Google Chrome has been resolved
How to get a free SSL security certificate for your website?
You can get it from the hosting company, and among the best hosting companies that provide a free TLS/SSL certificate for life for all domains connected to the hosting when you buy shared hosting are the following:
1- InterServer:
Visit InterServer
2- A2hosting:
Visit A2hosting
3- Green Geeks:
Visit GreenGeeks
4- DreamHost:
Visiting DreamHost
5- FastComet:
Visit FastComet
How to install an SSL security certificate in cPanel
We have shown the best hosting companies that provide the basic SSL security certificate for free when you buy hosting from them, and the method of installing the SSL/TLS certificate is as in the following steps, as in most premium hosting companies:
Recently, cPanel released a new style for the cPanel control panel called Glass, which is very similar to the old style, and the difference is limited to hiding the tool icons in the new style, unlike the old style, while everything else is the same.
You can learn about changing the cPanel style by reviewing the article How to change the cPanel style.
1- Log in to cPanel
2- Head to the security section Security From there, choose the tool SSL/TLS Status as in the following image:
3- You get to the SSL certificate operation interface, which shows you all the domains you have and the certificate status for each domain
4. Note Certificate Status If it is not a green lock for all domains as in the following image, click on the small box to select all your domains and then click on the Run AutoSSL The SSL certificate is triggered and activated:
5- Wait for a while (a few minutes) and then reload the page and you will find that the SSL certificate has been installed for all your domains connected to your hosting and that the certificate status is a green lock for all domains.
Another way to activate an SSL certificate:
If you don't see this tool available in your cPanel, simply contact technical support via ticket or chat and ask them to install the certificate on the domain.
The method of installing the certificate is slightly different.
How to install a Cloudflare SSL certificate:
To find out, you can check out our Cloudflare It shows you its concept, usefulness, how to register and connect your site to it, and how to install an SSL certificate from it on the domain.
Types of SSL/TLS security certificates
SSL/TLS security certificates have several types depending on the security levels:
First: Domain Validated Certificate, abbreviated as DV certificate or DV: AutoSSL DV Certificate
This is the basic security certificate, which is free or almost free so you don't need to buy it (free ssl certificate) and is provided by the aforementioned hosting companies such as InterServer hosting for free for life.
It is used by a site which is the best hosting. It is symbolized by the following code in the Domains column of the SSL/TLS Status widget in cPanel:
II: Organizational Validation (OV) certificate:
It offers a higher level of security and protection than the first type and is an excellent choice for supermarkets. It is symbolized on the cPanel with this icon:
Third: Extended Validation (EV) certificate:
It is characterized by a very high level of security and is very rarely used by websites due to its high cost, and you can know that the website has it by the appearance of the company name next to the green lock in the address bar of the browser.
See photo:
It is symbolized in the cPanel under the Domains column of the SSL/TLS Status widget with the following code:
Frequently asked questions about SSL/TLS security certificates
☑️ What is SSL?
To find out, you can check the What is SSL/TLS.
☑️ Which hosting companies provide an SSL certificate?
You can review the Best Web Hosting It has hosting companies that all offer security certificates.
☑️ Is there an expiration date for the SSL certificate and why?
Yes, there is a certificate expiration date on the domain in order to periodically check the security and validity of the certificate.
☑️ How can you find out some information about your website's TLS/SSL certificate?
This is done by clicking on the green lock in the navigation bar and a small window appears, from which you click on Certificate and some information appears, such as the date of issuance and expiration of the certificate.
Here, my friends, we have finished writing our article What is SSL / TLS? And how does an SSL security certificate work? But the field of questions is open about explaining the ssl certificate, so all you have to do is write your questions in the comments to be answered as quickly as possible.