What is an SSL/TLS Certificate?

Let's start with the basics: What the heck is an SSL/TLS Certificate?

When a computer connects to a website, communication begins between the computer's web browser and the web server the site is hosted on. Typically, this communication is unguarded, meaning it's out in the open and any interested third party can have a look at it. As you can imagine, if you're transmitting important personal information having it out in the open is not an ideal way to do things.

Think of an SSL/TLS certificate as a driver’s license of sorts—it serves two functions. It grants permissions to use encrypted communication via Public Key Infrastructure, and also authenticates the identity of the certificate’s holder.


Data Encryption Learn More


Authntication Learn More

Think of an SSL/TLS certificate as a driver's license of sorts...

Data Encryption

Encryption is a process that takes information and essentially scrambles it – and the only one who can unscramble it is a server or computer with a corresponding key. There's a lot to learn about keys, both private and public, but that's a topic for another day.

Data Encryption
Something to Remember

Something to keep in mind...

By encrypting communication between a server and a browser all of the information sent between the two is protected from the prying eyes of malicious third parties. In the past, this kind of security measure was only thought to be necessary for sites that collected personal information, but recently the browser community has begun pushing for universal encryption. This means that in the very near future, having SSL will be a requirement for all websites.


Authentication is done via the organization that issues the SSL certificate. These Certificate Authorities, as they are called, go through a validation process depending on which type of certificate a website is purchasing. There are three types of cetificate levels:

Domain Validation

Domain Validation

  • Issues within minutes
  • Basic no-frills encryption
  • Great for any site

Shop DV Certs

Domain Validation

Organization Validation

  • Light Business Authentication
  • Displays Business Details
  • Perfect for E-Commerce

Shop OV Certs

Domain Validation

Extended Validation

  • Full Business Authentication
  • Activates Green Address Bar
  • Displays Best Site Seals

Shop EV Certs

In Summary

SSL Certificates facilitate an encrypted connection between a browser and a web server while also authenticating the identity of the website that owns the cert. With an SSL/TLS certificate, it's important to remember that the end user is the one visiting the website, but they are not the one who owns the certificate itself–that belongs to the company operating the website.

There are three kinds of certificates, DV, OV and EV. They offer varying levels of authentication but the same form of industry-standard encryption. The key to selecting the right SSL/TLS certificate is deciding what level of authentication you need. Smaller websites that do not collect user information may be better off saving money on a DV certificate. Business websites and E-Commerce sites should spring for an OV or EV certificate depending on their size and need for authentication.

Which Certificate Authority is right for you?

Choose a CA

The SSL Store™ Buyer's Guide

So now you understand what an SSL/TLS Certificate is, how it works and what you'll need to do in order to get one issued and running on your website. But this is only the tip of the iceberg. There's a whole range of factors that determine what type of certificate is right for you and your website.

There's also additional benefits and features that you may want to take advantage of to help you leverage your newly purchased SSL Certificate for all it's worth. In order to make the right decision for you and your company, you'll need all the information.

Buyer's Guide

Buyer's Guide