When there's some sensitive data needs to be protected through your website, SSL would be the most affordable choice beside any other security configuration. SSL will encrypt your data before sending out to internet, so even the transer is hajacked by somebody, they will only get unreadable characters. Your data is still kept in safe place. Most web hosting providers offer SSL registration and almost every hosting company provides free shared ssl for your hosting account. Should you purchas your own dedicated SSL certificate or make use of the free shared one?
About dedicated SSL certificate
A dedicated ssl is registered through a specific domain which you're going to install it on and you can only use it under the exact domain URL. There're two types dedicated certificates – single domain and wildcard domain certificate. The single domain ssl only works on the specific URL you entered when sending out the signing request. For example you have entered www.domain.com or domain.com(without www) then your ssl can only be installed on the specific address. Basically if you installed SSL on www.domain.com then you can view the secured url via https://www.domain.com but not https://domain.com, the vice versa. If you would like to use https on both urls you need to purchase wildcard version. Actually, once your have wildcard ssl installed you can use https for any sub domain site like https://*.domain.com.
The process to order SSL certificate
- Generate CSR(certificate signing request) from your hosting provider. Here you need to enter the domain name you need for ssl, your company name & GEO location and contact email address.
- Send CSR to your SSL provider. they will verify your provided information and sometimes they will call you directly to verify your domain ownership. Once they confirmed your request, they will assign the SSL certificate and send it to your contact email. Some leading ssl providers like versign and rapidssl will handle your order pretty fast.
- Contact hosting provider for installation. They will install the certificate based the previous CSR and your provided ssl information. Please note, a dedicated IP address is needed for ssl installation so if your hosting package doesn't offer free dedicated ip service, you will have to purchase it separately.
If you're cpanel guide.based, the above process can be simplified and can be fully handled by yourself by following this
About Shared SSL
Shared SSL is just a relative term. It's actually working the same as dedicated certificate. Shared SSL is installed on server names which is well known as "temp URL". Because a shared server might host tens or hundreds of hosting accounts, all of them can ultilize the same temp URL via secured https address, that's how we call it shared ssl. Technically speaking, a shared ssl is actually wildcard ssl certificate that's used by lots of clients. Shared ssl is always provided for free to existing clients because it doesn't require any additional configuration.
Shared SSL vs Dedicated certificate
You might run into this question easily when you got the need to secure your store. Which one should you use? They're both good choice depends your different requirements, but there's some slight difference between the two. Let's go ahead and read below.
Price consideration. Shared ssl is 100% free to use while you have to pay tens or hundreds dollars for a dedicated ssl certificate. You need to evaluate carefully about which one to integrate with. Unless you are running a large store that come with big amount transactions, shared ssl is good enough for security protection purpose.
Level of Security. There're multiple versions ssl certificates from providers. 128bit is cheap but some part outdated. 256bit is good but more expensive. However, most shared ssl doesn't have such issues because it's always configured with the highest version in wildcard format.
Ease of use. If you have used single domain certificate, you might have to deal with both www address and no www address in programming. You need to do local testing before put it alive. But such issue doesn't exist on shared ssl because there's just a unique address provided.
Branding. Dedicated certificate would be good choice if you're promoting your brand. Since shared ssl is configured on hosting server domain instead of yours, it might bring negative effect to your site authority. Dedicated certificate is 100% assigned to your own domain so above issue doesn't exist. When your site is gaining more popularity, it's crucial to get your own certificate instead using the shared one.
If you're promoting a small shopping cart site with less online transaction, shared ssl is good enough for security protection and easy integration. But if you're promoting your site to a big online platform, a wildcard dedicated ssl is your best choice for any side consideration.