Digital Security Certificate: What is it for?

  • Tutorial
SSL (Secure Socket Layer) - a protocol for encrypting data exchanged between the client and server - has become the most common method of protection on the Internet. It was once developed by Netscape. Secure exchange is ensured by the encryption and authentication of the digital certificate. Digital certificate is a file that uniquely identifies servers. Typically, a digital certificate is signed and certified by specialized centers. They are called certification authorities or certification authorities.



What is an SSL certificate?


Many have probably heard about SSL certificates , but not everyone has a clear idea of ​​what it is and why they are needed. In essence, an SSL certificate is a digital signature of your site, confirming its authenticity. Using the certificate allows you to protect both the owner of the site and its customers. An SSL certificate enables the owner to apply SSL encryption technology to their site.

Thus, the purpose of the SSL certificate is to provide a secure connection between the server and the user's browser, to reliably protect data from interception and spoofing. The certificate is used to encrypt data and identify the site when establishing a secure HTTPS connection.

Information is transmitted in encrypted form, and it can only be decrypted using a special key that is part of the certificate. This guarantees the safety of data. Visitors to the site have the right to expect that the protection of their information, if important, will be ensured by using an SSL certificate. They can leave your site if they see that it is not secure. If the site has an SSL certificate, then a lock icon is displayed in the browser status bar.


How does HTTPS (SSL action scheme) work:

- The user goes to a secure site;
- A DNS check is performed and the IP address of the website host is determined;
- Website record found, go to host web server;
- Request a secure SSL connection from the website host;
- The host responds with a valid SSL certificate;
- A secure connection is established, the transmitted data is encrypted.


Protection for business and customers


Which sites need SSL protection? Yes, almost everyone. Especially those that are most susceptible to attacks: the resources of financial institutions, major brands, sites that work with personal data and payment information.

SSL certificates are used not only by banks and financial organizations, payment systems and such government portals as the website of the Federal Tax Service (FTS) and gosuslugi.ru, but also online stores and even private individuals and individual entrepreneurs.

What are the benefits of using an SSL certificate for a business? Since when using certificates and SSL protocol, the data received and sent when visiting the sites is encrypted, the authentication procedure is applied, this gives users some confidence that the personal data they enter, such as phone numbers and bank cards, will not fall into the wrong hands. Due to their uniqueness, SSL certificates also make it very difficult for cyber fraudsters to use phishing schemes.

The site owner can also not worry that customer data will leak to the side as a result of an interception or “man in the middle” attack, and the reputation of the business and even the continued existence of the company will be in jeopardy.


1. Standard HTTP is replaced by HTTPS. This indicates that SSL is used in the connection between the server and the browser.
2. The address bar turns green, indicating that the website uses Extended Validation SSL.
3. A yellow padlock with a closed handle means that the connection between the server and the browser is secure. If the lock is open or missing, then the connection does not use SSL.
4. If you use the Extended Validation SSL certificate, the company name is displayed in the address bar.


The SSL certificate guarantees protection of all the information that the site exchanges with the user's browser. And thus protects your business. This is especially important in financial transactions, online transactions. Indirect benefits - increased confidence in your business, increased sales, protection of business information.

Ultimately, an SSL certificate helps build customer trust. If they know that their information is protected, then they are more likely to want to deal with your company.


According to a study by GlobalSign, 84% of users would not shop on a site without a secure connection. 48% check before entering personal data how secure the site is.

The lock icon and HTTPS letters in the URL of your site indicate its security. And the green address bar of the site with the Extended Validation SSL certificate is even more reliable evidence of the reliability of the resource. Visitors will know that they went to that site, and the information they enter will remain private.

In addition, sites confirmed by certificates occupy higher positions in the results of search engine results compared to competitors without SSL. In 2014, Google announced that it will take into account the use of HTTPS (the letter S just indicates the use of an SSL certificate) when ranking sites. That is, if the site does not have an SSL certificate, it will not occupy high positions in the search results and cannot attract a large number of visitors.  

Where to buy an SSL certificate?


Certificates are usually acquired not directly from a certification authority, but through partners. In Russia, many companies are engaged in the sale of certificates of well-known certification authorities (CA), such as Comodo, Geotrust, GoDaddy, GlobalSign, Symantec and others. The root SSL certificates of these CAs are preinstalled as trusted in all popular browsers. There are unique offers. REG.RU , as a GlobalSign partner implementing a joint SSL development program with this company, can offer certificates from this leading CA - from the basic to the advanced level.

As a rule, partners have agreements with different certification authorities, which allows you to choose the best price (in rubles) and characteristics certificate, get discounts and help experienced professionals in choosing a certificate and installing it on the server. For a number of customers, the brand is important, the name of the company in the certificate.


To see detailed information about the SSL certificate, the user just needs to click on the lock icon and select "View Certificate" in the menu. Browsers may vary, but the certificate always contains the same information.

Not all SSL certificates are paid. For example, when registering a domain or buying a hosting, REG.RU customers can get an SSL certificate for free. Also, a nice bonus is available when connecting to Yandex.Cash. It is worth noting that a free certificate is issued for one year.


According to Netkraft , in 2015, about a third of SSL certificates in the world were issued by Symantec, which is 10% ahead of GoDaddy. The top three certification authorities (CA) account for over 3/4 of the SSL certificates used on the Internet.

According to our estimates, only in second-level domains, in 2015, about 144 thousand SSL certificates were used in the .RU domain zone. Only 30% of them are valid, that is, CAs are verified. All others do not guarantee protection against interception of user data. The volume of sales of SSL certificates in Russia reaches about 6.2 billion rubles. in year. According to Mozilla, as of December 2015, 40% of sites in the world and 65% of transactions used HTTPS.


The certification center issues an SSL certificate - an independent party that verifies the accuracy of the information specified in the certificate: does the domain name really belong to the company or individual to whom it is registered; the authenticity of the site for which the SSL certificate was issued, etc.

SSL Certificate Validation Levels


There are certificates of different levels of verification. To protect the personal data of users, a certificate with simplified verification - DV (Domain validation) is suitable. A domain verification certificate is the lowest and least expensive. It is available to individuals and legal entities, issued to the owner or administrator of the domain name and simply confirms this domain name.

The next level is the OV (Organization validation) certificate for organizations, which is used to verify the connection between the domain name, the domain owner and the company using the certificate. That is, such a certificate certifies not only the domain name, but also that the site belongs to a truly existing organization.

For a better check of the company and its authority to purchase certificates, so-called certificates with extended verification - EV (Extended validation) are used. This is the most prestigious type of certificate. Such certificates are the most trusted. For example, DigiCert, one of the leading certification authorities, sells OV and EV certificates. GlobalSign partners offer SSL certificates at various levels, including the highest.


After installing the certificate of advanced verification, the address bar in the browser turns green - this is a visual indicator of the reliability of the site. Such a certificate indicates the name of the organization and the name of the certification authority that issued the certificate.

The green address bar is an indicator of the legitimacy of your business. A certificate with advanced verification not only provides protection against fraudulent sites. If domain verification certificates provide only encryption of the connection, then certificates of the highest category also give your customers confidence in the legitimacy of your business. When issuing an EV certificate, a very thorough check of the organization is carried out, including checking its activities, compliance with official documents, as well as the rights to use a domain name. Therefore, enterprises that use certificates with advanced verification are very successful in the market. As already noted, in order to find out which certificate you are using, it is enough for the client to click on the lock icon in the browser line.

This diagram shows the shares of DV, OV, and EV certificates at major certification authorities. DV certificates account for about 70% of all types of certificates, with EV accounting for less than 5%.

There are certificates for one, several domains (SAN) and certificates for all direct subdomains of the selected domain (Wildcard).

SSL certificates in Russia


According to the analytical service StatOnline.ru, out of 3,286,782 sites in the .RU zone (at the end of February), only about 60 thousand (or about 1.8%) of resources have SSL certificates verified by certification authorities. The rest use self-signed, invalid certificates, or even refuse this type of protection.

REG.RU and one of the oldest international certification authorities GlobalSign have launched a program to promote secure data transmission on the Internet. It is designed both for owners of Internet resources, and for ordinary users from Russia and the CIS.

Together with GlobalSign, we intend to create a culture of secure information transfer. A key element of the program is increasing the availability of SSL technologies and providing website owners with relevant protection tools.

SSL certificates were also noted in the country's leadership. According to media reports , Russia may create its own state certification center for their issuance. Reportedly, such work is already underway. But for this, it is necessary to oblige browser manufacturers to preinstall a special root certificate in their products.

So what is the value of HTTPS and SSL? Why is this necessary when website visitors are not required to enter confidential information or make payments? At least then, to go higher in the search results. And user confidence is a factor that cannot be discounted. It’s easy to technically complement an SSL site, and it’s not financially burdensome. SSL certificate is an easy and economical way to protect your website and online transactions, making it more secure for users. Today, SSL has become one of the most important site security measures and an industry-recognized industry standard.

Also popular now: