Secure Sockets Layer (SSL) is a protocol for website security. It protects online communication and transactions using the strongest encryption available. An SSL certificate validates the identity of your website, rather like a passport. Once activated it displays a padlock icon and https:// in your URL. These trust indicators let your customers know that your site is genuine, protected, and private.

As an online retailer, it’s your duty to protect the information that your customers share with you. An SSL certificate on your website scrambles or encrypts the traffic between a web server and a web browser. This means your customers' personal information is secure. Without SSL, any computer can intercept and steal credit card numbers, usernames, and passwords.

Google has stated that HTTPS will be a ranking signal. Excellent news - it means your website’s page ranking will be boosted if you have an SSL certificate.

All of them, but some sites are more vulnerable than others such as financial institutions, big-name brands, and government entities. You must use SSL protection if your website is PCI compliant and accepts payment cards, or does any of the following:

• Banking sites asking for financial information.
• If your website accepts payment cards (American Express, Diners Club International, MasterCard, Visa. Including credit, debit, prepaid, and gift cards), you have to comply with the credit card associations' rules about data security. The goal being to protect cardholder data. This has been standardised under the Payment Card Industry Data Security Standard (PCI DSS). If you don’t use an SSL certificate on your website, you won’t be complying with the PCI standards.
• Your website asks customers to provide personal or sensitive information such as email addresses, social security numbers, medical records, and passport numbers.
• You have login forms on your website asking users to enter their username and password.
• Your site provides webmail where users can login and read email in a secure environment.
• There are subscription pages for newsletters, mailing lists, etc.

The wildcard applies to the PositiveSSL DV, Domain, and Organisation SSL certificates. The certificates are issued for the domain name specified in the initial application. If you buy a wildcard with one of these three certificates, it means that the common name specified is *.yourdomainname.com. You can then use the certificate on an unlimited number of subdomains and servers. You also have the option to add in the future.

If you need to secure multiple subdomains on a single domain name, you can buy a wildcard. For a wildcard SSL certificate, a common name of *.yourdomainname.com would secure www.yourdomainname.com, mail.yourdomainname.com, secure.yourdomainname.com, etc...

To complete the application for your SSL certificate you need to generate a CSR and submit it to our Certificate Authority (CA). The CSR contains text that's been encrypted and includes details of your application: company name, domain name, location, email address. Plus, your public and private keys will be generated. Your public/private keys are for encrypting/decrypting all online communication and transactions between you and your customers. To ensure your website traffic stays secure, you must keep your private key a secret. Once our CA receives and confirms your details, it will issue your SSL certificate.

Our Certificate Authority provides an SSL certificate Request Helper which will create your CSR. This tool allows you to generate the CSR for OpenSSL, Microsoft Exchange 2007, Microsoft Exchange 2010, Java Keytool, F5 Big-IP, and Microsoft IIS

Please note that if you’re generating a CSR for a wildcard SSL certificate, your common name must start with an asterisk (*), i.e., *.exigent.com.au. The asterisk represents any subdomain name.

Every SSL certificate has a digital signature based on a one-way cryptographic hashing algorithm. In non-geeky terms it’s a secret code that works as a security mechanism to check the integrity of data. For a decade, the SHA-1 was the algorithm of choice. But, it hasn’t kept up with technology and is now vulnerable to attack. Websites that have SSL certificates with SHA-1 will trigger an alert message that warns that the site is unsafe. Those pesky hackers broke the code! All our SSL certificates have the SHA-2 algorithm.

It’s because the audit and validation process for the EV SSL certificate isn’t automated and the background checks are meticulous. It’s the price you pay for super-protection, but it’s worth it.