General SSL FAQs

What is SSL?

SSL, which stands for Secure Sockets Layer, is a cyber-security protocol that digitally encrypts information sent from a browser to a server. SSL certificates are used to protect sensitive information like credit card numbers, usernames, passwords, email addresses, and more. A website with an SSL certificate is identified using a number of trust indicators, like https and the padlock icon in the browser bar, a site seal from a reputable Certificate Authority (CA), and a green bar that wraps around the URL on more premium certificates.

What is an SSL Certificate?

An SSL certificate is a code file that when set up correctly on the web server for a website (domain/sub-domain) enables the use of secure https access for that website. It is issued for a domain and one or more of its sub-domains. When a web browser uses https access to communicate with a website, all the data shared between the browser and the website is encrypted using the SSL certificate's code key such that a third party cannot decipher it.

Where is the SSL certificate used?

The SSL certificate is stored and configured on the web server where the website is hosted. If you have direct access to the web server the set-up can be done manually. Otherwise, you can do it through your web hosting control panel.

Why is an SSL certificate required? What are the benefits of SSL certificates?

An SSL certificate enables encrypted/secure access to a website's files using https such that no 3rd party can decipher it during transfer through the network. This is an important aspect of website security and boosts visitor confidence when interacting with the website. Besides website security, SSL certificates are also recommended to improve website SEO, and also enable the use of web push notifications on the website. Check out this page to know more about the benefits offered.

What is a Domain Validated (DV) SSL certificate?

Domain Validation is the process of proving that you are the owner of the domain so that the Certificate Authority can issue the SSL certificate for your domain name and its sub-domains. A Domain Validated (DV) SSL certificate is the quickest and easiest way to secure a domain, as the Certificate Authority (CA) issuing the certificate only requires verification that the recipient actually owns the domain they wish to cover. This verification process can typically be completed in a matter of minutes. know more

Are SSL certificates free? Why pay for SSL certificates?

There are both free and paid SSL certificates. The free certificates are available with validities between 30 and 90 days. They offer encryption without any additional features, warranty, and support. The most popular free SSL certificate is Let's Encrypt. Premium/paid certificates offer a longer validity of one year, a verifiable site seal with a relying-party warranty, and support from the seller in addition to the encryption. Check out the pricing and features of premium SSL certificates.

Are SSL certificates expensive?

SSL certificates can be expensive if you buy them directly from the CA at the listed price. You can get an SSL certificate at huge discounts if you buy it from a reseller. To see the low prices offered by reseller visit this page.

Who provides SSL certificates?

An SSL certificate is issued and revoked by a Certificate Authority (CA). You can get your certificate directly from the CA at the list price, or from one of its partners or resellers at a discount.

What is a Certificate Authority?

A Certificate Authority (CA) is the company that actually issues the SSL certificates. Symantec, Thawte, GeoTrust, RapidSSL, Certum, and Comodo are all CAs, for example. We are a reseller of these CAs, meaning that we are able to offer the exact same certificate that you would get from buying direct, but at much lower prices. Since we buy in bulk, we are able to offer them at the significant discounts that you see on our website.

How much does an SSL certificate cost in India?

  • Regular SSL Certificates start at ₹772/year compare prices
  • Wildcard SSL Certificates start at ₹9,137/year compare prices
  • Multi-Domain SSL Certificates start at ₹1,931/year view price
  • Multi-Domain Wildcard SSL Certificates start at ₹17,889/year view price

Check out pricing and discounts available on this page.

Can I buy the SSL certificate from anywhere?

As long as you are buying from a genuine SSL provider you can buy the SSL certificate from anywhere. Some web hosting services try to restrict you to buy at higher prices from them. We have provided links to some popular web hosting services documentation on third-party SSL installation on this page. If your service is not mentioned, check with your hosting service if they allow third-party SSL installation with your web hosting plan.

Can I use any SSL certificate with my website?

SSL certificates are issued to a domain/sub-domain after you prove your ownership of the domain name. They are locked to that domain/sub-domain and will not work with any other domain/sub-domain. know more

Do SSL certificates expire?

SSL certificates are offered for a limited period of time or validity. After that, you need to renew the SSL certificate and get another SSL certificate to replace the old one.

What happens when the SSL certificate expires?

Modern web browsers take secure https access very seriously. If your website's SSL certificate expires they will block access to your website with a scary warning to your website visitor. This will result in a loss of website trust, visitor traffic, and loss of income from ads or sales. know more

Which SSL brands are most trusted and secure?

All of the Certificate Authorities (CAs), whose products we carry, are leaders in the industry and trusted across the world. DigiCert is the largest CA in the world. Their name definitely adds the most value of any CA in the industry. Additionally, GeoTrust, Thawte, RapidSSL, Certum, and Sectigo (previously Comodo) are all trusted and secure CAs.

What is the SSL certificate warranty?

An SSL certificate warranty, also known as a relying-party warranty, covers any damages that your website visitor /user may incur as a result of a data breach or hack that was caused due to a flaw in the certificate. The warranties range in value, which means that the higher value certificates come with more extensive warranties offered to boost the confidence of your user to do business with you online. more details

Can I see which Certificate Authorities have their own Trusted CA root present in browsers?

Yes, the brands that we provide all have their roots included in modern devices and browsers. They all feature 99% or better compatibility, or browser ubiquity.

What is browser ubiquity or browser recognition?

Browser ubiquity or browser recognition basically means how many browsers recognize an SSL certificate and properly display the trust indicators. So, the higher the browser ubiquity of an SSL certificate, the more browsers that recognize and accept it.

How do you define Mobile support?

If your website or online store attracts a lot of visitors from mobile operating systems such as Android, Windows Mobile, Blackberry, Symbian OS, Palm OS or iOS(iPhone, iPad), we would advise you to select an SSL certificate with Mobile Support. This is especially true for mobile devices with older browsers or operating systems. While regular web browsers accept both root and intermediate certificates, many mobile browsers will only accept root certificates and will give SSL errors if they encounter an intermediate certificate.

Mobile web browsers & operating systems covered under Mobile support are as follows:

Mobile Web Browsers

  • ACCESS NetFront
  • Atomic
  • Dolphin HD
  • Fennec Alpha
  • Internet Explorer (All Windows devices)
  • Opera Mini
  • Opera Mobile
  • Openwave
  • Chrome for Mobile
  • Firefox Mobile
  • RIM BlackBerry
  • Safari (iPhone, iPad, and iPod Touch)
  • SkyFire
  • Sony PlayStation Portable
  • xScope

Mobile operating systems

  • Android
  • BlackBerry OS
  • Brew
  • iOS
  • Meego
  • Palm OS
  • Palm WebOS
  • Windows CE
  • Windows Mobile
  • Windows Phone 7/8
  • Maemo
  • Symbian
  • Sailfish OS

How long are your SSL certificates valid for?

All SSL certificates have a validity of 1 year. know more

Which SSL certificate is the best for use?

Only issue SSL certificates from a trusted Certificate Authority (CA) i.e. a CA whose root certificate is included with your web browser. Every trusted CA has a variety of certificates which differ in validity, warranty, type of site seal, etc. You need to choose the one that is right for your website. recommendations

Can I use SSL to cover a domain on an internal network?

You can use an SSL certificate issued by any trusted CA to cover an internal domain if it is an officially registered domain (a public available FQDN). If the internal domain is not a delegated and registered domain, the certificate will not be issued. See: How to request an SSL certificate for an Intranet server

What is the difference between 128- and 256-bit security?

That is the difference between the key lengths used once an SSL connection has been established in the browser. 256-bit security is indeed a bigger key however that does not necessarily mean it is more secure. Experts and research agrees that 128-bit is equally secure for the foreseeable future. The only reason 256-bit security is needed is if it's specifically required by your industry or company policy. All our certificates have the ability to use either bit-length, which one you use is a matter of server configuration, NOT certificate support.

How can I use 256-bit encryption?

256-bit encryption is a server configuration. This has nothing to do with the certificate itself, it is based on your server configuration. To learn this, you should seek information provided by your webhosting platform or operating system. They will inform you how to set this encryption strength up.

What is the difference between 1024-, 2048-, and 4096-bit key lengths?

These key lengths refer to the strength of the private key. You can think of it as the size of the cypher being used to encode your messages. Obviously, 2048-bit private keys are exponentially more secure than 1024-bit ones and are the new standard across the industry and are required during the generation process. While 4096-bit key lengths are even more secure they may not work with all apps as of now.

What is the difference between SHA-1 and SHA-2?

SHA stands for Signature Hashing Algorithm. It's a mathematical hash that proves the authenticity of the certificate. SHA-1 is an older version of the algorithm that is no longer seen as secure by industry experts and major browsers and is not allowed to be used during the generation process by the industry. SHA-2 is the latest version that is widely accepted and viewed as secure by all major browsers and industry experts. The hashing algorithm of your CSR has no relevance to what hashing algorithm is used on the certificate.