Abion / Blog / What is HTTPS and SSL? – Abions guide

28, August 2022

What is HTTPS and SSL? – Abions guide

Websecurity
English
pll_64ec8f6c9cdf0
Uncategorized
Https/SSL school

HTTPS (Hypertext Transfer Protocol Secure) and SSL (Secure Socket Layer) are used to protect data transmitted over the internet. They provide encryption and authentication, which means that all information transferred between a web server and a web browser is safeguarded from being stolen by a third party.

The Importance of Using SSL Certificates

Not using an SSL certificate is like putting a letter in a transparent envelope and then mailing it – everyone can see what it contains. With HTTPS and SSL, you ensure that the information sent between the sender and the recipient online cannot be intercepted, which is a crucial part of protecting yourself and your company against various frauds and intrusions.

Google's View on HTTPS

The use of HTTPS is currently one of Google's ranking factors and has aimed since 2014 for all webpages to use HTTPS. The purpose is to provide more credible content for their users. As part of the "HTTPS everywhere" initiative, they introduced a change in Chrome that now marks HTTP sites as "not secure".

When it comes to search engine optimization, Google is transparent that if two websites are equal in terms of other ranking signals, but one has SSL, the one with SSL will be ranked higher in search results. But perhaps the most interesting aspect is that according to a survey conducted by HubSpot Research, up to 85% of respondents will not proceed to a site that is not secure (lacks SSL).

As a result, the number of registered SSL certificates has significantly increased.

SSL certificate with ports group. Learn more

Different Types of SSL Certificates

Usually, three levels of SSL certificates are discussed – DV, OV, and EV. The validation process differs for each level. The higher the level, the more rigorous the validation process that has preceded the issuance. At the same time, a higher level of certificate implies a higher level of perceived trust in the brand by the visitor to the site.

Domain Validation (DV)

This is the lowest level of validation, which also means it is the easiest to obtain. The validation process involves the issuer verifying that a contact associated with the domain in question approves the request. This is typically done through email but can also occur through alternative methods.

The only advantage of this type of certificate is the quick validation process and relatively low cost. The disadvantages include a higher risk of phishing and "man-in-the-middle" attacks. Some issuers have gone so far as to stop issuing DV certificates due to the perspective that the drawbacks of using a DV certificate far outweigh its benefits.

Woman working with adding ssl certificate ports group

Organization Validation (OV)

OV certificates are one level above DV certificates. As the name suggests, the validation process for an OV certificate is more rigorous than for a DV certificate and includes verification of the organization behind the request.

This is typically done by following the steps in a validation for a DV certificate, but with the addition that the issuer contacts the company using contact details other than those from the domain name itself. This information is then published on the certificate, making the certificate more transparent and the website more credible.

Extended Validation (EV)

The validation process for an EV certificate is the most rigorous of the three. They take a bit longer to obtain, but for organizations aiming to achieve the highest level of trust for their brand, EV certificates are a necessity.

Most EV certificates also come with features such as malware scanning and badges to display on their site. These additional features can be very valuable when launching a new brand, website, or expanding into a new market. This is because they add credibility from established and trustworthy entities in the digital world. When a visitor clicks on the padlock in the address bar, the organization's validated name and country are displayed. This demonstrates that an EV certificate is in use and which organization the certificate is validated for.

Secure Management of SSL Certificates Minimizes the Risk of Business-Critical Consequences

SSL certificates are often registered with different issuers, at different times, and by various individuals within the organization. This can occur with varying durations and makes certificate management quite challenging, even for small organizations. Not to mention how complex it becomes when dealing with large organizations.

At Abion, we have the experience and expertise to guide you in your choice of certificates as well as in the most secure certificate management.

The Major Risks When Managing SSL Certificates

  • Incorrect Implementation
  • Insufficient Certificate Management
  • What Happens If/When a Certificate Expires
  • Other Use Cases for SSL Certificates
  • Abion's "Best Procedure" for SSL Certificate Management

Incorrect Implementation

Incorrect implementation can actually be worse than not having an SSL certificate at all.

Insufficient Certificate Management

Insufficient management of SSL certificates can have business-critical consequences. This ranges from external impacts such as unreachable websites and damaged reputation, to internal impacts like incapacitated employees and/or leakage of sensitive information.

What Happens If/When a Certificate Expires

SSL certificates have a predetermined validity period, up to one year. A common misconception about SSL certificates is that they are "renewed." In practice, an SSL certificate needs to be replaced with a new one. However, there are also situations when a certificate must be replaced before its expiration date.

The impact of a non-functioning SSL certificate for a website becomes painfully obvious when it occurs. The website is no longer encrypted and therefore not secure to use. Additionally, the website can become unreachable when a link structure based on HTTPS suddenly changes to HTTP because the protocol is no longer supported. Therefore, remember to ensure that you always have a valid and functioning SSL certificate.

Other Uses for SSL Certificates

Many forget that SSL certificates are not only used to encrypt traffic between a website and a visitor. SSL certificates are actually used in various contexts for different purposes. For example, for VPN connections, applications, cloud solutions, server-to-server communication, and more. Failing to manage SSL certificates can thus impact an entire company's infrastructure.

Server at ports group

Abion's "Best Procedure" for SSL Certificate Management

Our goal is to ensure the same secure management of SSL certificates as we do with domain names and trademarks. For maximum protection against certificate failure due to inadequate management, our recommendation is always to consolidate your certificates.

SSL Analysis - Step by Step

Let our expert team assist you with a plan for more secure certificate management.

  1. Current State Analysis
    In consultation with you, we analyze the current state of your certificates. What certificates are in place? From which issuers? The analysis is summarized in a document along with a recommended action plan to optimize the existing certificate management.
  1. Establish Control
    Based on the action plan, we enable the client to gain control over all certificates, with the ultimate goal of having all certificates managed by Abion for total control and security.
  1. Smooth Certificate Management
    Abion is a Platinum Partner with Digicert. As such, we have the capability to provide smooth and secure certificate management with a dedicated contact person and secure administration.

Do you want to learn more about SSL certificates? Contact us, and we'll assist you!

Contact us

Related reading

Zurich office Abion

Harry Bose Workshop Sign-Up

Okategoriserad
English
24, April 2024
You are invited to our Zürich Pre-INTA Annual Meeting Reception. 11th of April 2024, from 6:00 pm CET. At the Ab...
Läs mer
black sweater purple smoke

5 famous cases of counterfeiting

Blog
Trademark Management
English
9, April 2024
Counterfeiting is a global issue that affects both luxury and everyday brands, undermining the integrity of genuin...
Läs mer

This website uses cookies

Cookies ("cookies") consist of small text files. The text files contain data which is stored on your device. To be able to place some type of cookies we need your consent. We at Abion AB, corporate identity number use these types of cookies. To read more about which cookies we use and storage duration, click here to get to our cookiepolicy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that need to be placed for fundamental functions on the website to work. Fundamental functions are for instance cookies that are needed for you to use menus and navigate the website.

Functional cookies

Functional cookies need to be placed for the website to perform in the way that you excpect. For instance to remember which language you prefer, to know if you are logged in, to keep the website secure, remember login credentials or to enable sorting of products on the website in the way that you prefer.

Statistical cookies

To know how you interact with the website we place cookies to collect statistics. These cookies anonymize personal data.

Ad measurement cookies

To be able to provide a better service and experience we place cookies to tailor marketing for you. Another purpose for this placement is to market products or services to you, give tailored offers or market and give recommendations on new concepts based on what you have bought from us previously.
Confirm choices Accept all