Products
Edge AI
AI Training
GPU Cloud
GPU CloudBoost AI/ML training with servers powered by NVIDIA
AI Inference
Inference at the Edge
Inference at the EdgeAccelerate your ML model inference for fast global performance
AI Applications
Image Generator
Image GeneratorCreate realistic and stunning images with ease
Speech-to-Text Translator
Speech-to-Text TranslatorTranslate from English to Luxembourgish seamlessly
Edge Cloud
Compute
Basic VMs
Basic VMsManage workloads on affordable shared virtual servers
Virtual Machines
Virtual MachinesRun apps on customizable dedicated virtual servers
Bare Metal
Bare MetalDeploy apps on powerful dedicated physical servers
Containers
Managed Kubernetes
Managed KubernetesDeploy, manage, and scale Kubernetes clusters easily
Container as a Service
Container as a ServiceRun containerized apps without server provisioning
Container Registry
Container RegistrySecurely store, manage, and deploy container images.
Function as a Service
Function as a ServiceExecute serverless code functions efficiently
Networking
Load Balancer
Load BalancerRoute traffic optimally to improve app performance
5G Network
5G NetworkDeploy apps and securely connect mobile devices via 5G
Virtual Private Cloud
Virtual Private CloudManage resources in a secure isolated private cloud
Hosting
Virtual Servers
Virtual ServersHost on virtual servers with no traffic restrictions
Dedicated Servers
Dedicated ServersHost on physical servers with worldwide availability
Storage
Object Storage
Object StorageStore data in fast and scalable S3-compatible storage
File Shares
File SharesShare files across servers easily using NFS protocol
Databases
Managed PostgreSQL
Managed PostgreSQLProvision fully managed PostgreSQL databases with ease
Monitoring
Managed Logging
Managed LoggingCollect, store, and analyze application logs
About Edge Cloud
Edge Network
Application Performance
CDN
CDNAccelerate dynamic and static content delivery
FastEdge
FastEdgeDeploy serverless apps with low-latency edge computing
Media Delivery
Video Streaming
Video StreamingDeliver high-quality live and on-demand video at scale
DNS
Managed DNS
Managed DNSEnsure application availability with authoritative DNS
Public DNS
Public DNSProtect online privacy with a free DNS resolver
About Edge Network
Edge Security
Network Security
DDoS Protection
DDoS ProtectionProtect your infrastructure from evolving DDoS attacks
Application Security
WAAP
WAAPSecure apps and APIs from DDoS, bots and OWASP attacks
Solutions
By Industry
Gaming
CDN for Gaming
Game Server Protection
Game Development
Retail
CDN for E-commerce
Media & Entertainment
CDN for Video
Metaverse Streaming
TV & Online Broadcasters
Sport Broadcasting
Online Events
Financial Services
Cloud for Financial Services
Technology
Image Optimization
Web Acceleration
Wordpress CDN
Education
Online Education
By Need
Web Acceleration
Web Acceleration
Image Optimization
Wordpress CDN
Security
Game Server Protection
Video Streaming
CDN for Video
Video Hosting
Live Streaming
Availability
Multi-CDN
Cloud
Web Service
Game Development
Online Store
Migration to the Cloud
ERP in the Cloud
Pricing
Resources
Resources
Blog
Case Studies
Ebooks
Reports
White Papers
Events
Documentation
Docs
API
Product Roadmap
Help Center
Gcore Status
Tools
Looking Glass
Speed Test
Developer Tools
Partners
Partners
Intel
Intel | New CPU Generation
Intel | Ice Lakes
Hesp
Equinix
InData Labs
Ampere
Unum
Programs
White Label Solutions
Referral Program
Why Gcore
Company
About Gcore
Press
Awards
Careers
Legal Information
Platform
Network
Infrastructure
Internet Peering Points
Compliance
Under attack?Under attack?
en
Contact usContact us
Contact us

Select the Gcore Platform

Recommended
Gcore Edge Solutions Go to Gcore Platform → Go to Gcore Platform →

Products:

  • Edge Delivery (CDN)
  • DNS with failover
  • Virtual Machines
  • Bare Metal
  • Cloud Load Balancers
  • Managed Kubernetes
  • AI Infrastructure
  • Edge Security (DDOS+WAF)
  • FaaS
  • Streaming
  • Object Storage
  • ImageStack (Optimize and Resize)
  • Edge Compute (Coming soon)
Show full list
Gcore Hosting Go to Gcore Hosting →
  1. Home
  2. Learning
  3. What are SSL Certificates? Definition, Uses, and Types

What are SSL Certificates? Definition, Uses, and Types

November 17, 2022 5 min read
What are SSL Certificates? Definition, Uses, and Types

What is an SSL certificate?

An SSL certificate is an electronic document that helps your browser ensure that the website you’re trying to open belongs to the desired company. For example, when you visit apple.com, its SSL certificate guarantees that you’re truly visiting Apple’s website and not a fake one created by scammers. This document is installed on the web server where the website is hosted.

Your browser checks whether a website has an SSL certificate every time you open it. If it does, you’ll see the lock icon. If it doesn’t, you’ll see a warning sign. In Google Chrome, for example, it’s the Not secure sign.

Icon indicating whether or not there is an SSL certificate
Icon indicating whether or not there is an SSL certificate

Why are SSL certificates needed?

An SSL certificate helps open the SSL/TLS connection between a browser and a website. This is a secure connection through which hackers can’t steal or substitute transferred data. It means a higher level of security for users. They can send sensitive information without worrying that it will fall into the wrong hands and can rest assured that fraudsters didn’t change important data on the website.

What is SSL?

SSL stands for Secure Sockets Layer. It’s a protocol for encrypting, securing, and protecting an internet connection and private information sent between two systems. This prevents cybercriminals from being able to access and change any transferred information.

Over the years, SSL has been improved and updated to TLS (Transport Layer Security). However, this protocol is still commonly called SSL.

How does SSL provide security?

The SSL/TLS protocol keeps a connection secure in three ways:

  1. Data privacy and confidentiality. The protocol encrypts all web traffic, preventing it from being stolen. For instance, when you pay online, you send your bank card details to the website. If a hacker finds a way to ‘listen in on’ your secure connection, they won’t be able to see or steal your real card number or CVV code. They’ll only see a set of random symbols because the data is encrypted.
  2. Data integrity. Integrity means that transferred data isn’t changed by intruders. For instance, no one has replaced the real payment details with fake ones to make you pay the wrong person. To ensure data is genuine (i.e., unchanged), the SSL/TLS protocol uses hash functions. Two systems that interact over a secure connection constantly compare the hash values of their messages. If they match, the data hasn’t been intercepted and changed.
  3. Authentication. SSL/TLS guarantees that a website belongs to the company or person it claims to. To verify a website, the protocol requires an SSL certificate. You may think of a certificate as a blue verification checkmark on Instagram. It helps people avoid fake accounts and be confident that a public figure, organization, or brand is real. The same applies to websites. If they have an SSL certificate, you can trust them.

Who issues SSL certificates?

They’re issued by certification authorities (CA). A CA is a company or organization that validates the identities of entities (such as websites, email addresses, companies, or individual persons) and binds them to cryptographic keys through the issuance of electronic documents known as digital certificates.

How is an SSL certificate verified?

When a user requests a webpage, the server that hosts it sends them a response. It includes a website certificate and other data required for further interaction. To verify a certificate, the browser has to check if:

  1. The certificate has a digital signature from a certification authority (CA)
  2. The CA is on a trust list. Trust lists are pre-installed in your OS and browser
  3. The certificate covers the domain name you’re visiting
  4. The certificate hasn’t expired yet
  5. The certificate hasn’t been revoked. Once issued, a certificate can’t be taken back from its owner. If a CA realizes that a certificate has been compromised or its owner is no longer on the trust list, it can revoke the certificate by adding it to a specific database. Browsers cross-check these databases to ensure the certificate is still valid.

If the certificate meets all the requirements, the browser starts trusting it as much as it trusts the associated CA.

How to view a website’s SSL certificate

1. Click the padlock icon to the left of the URL.

2. The dropdown menu will open. It may look different in different browsers. This one is Google Chrome. Click Connection is secure.

3. Click Certificate is valid.

4. You’ll see general and detailed information on the certificate.

Types of SSL certificates

There are various types of SSL certificates, each with its own unique level of validation.

  • Domain Validated certificates (DV SSL). Domain Validated SSL certificates provide low assurance and require minimal validation. They’re utilized for blogs or informational websites that don’t gather data or conduct online payments. This SSL certificate is cheap and easy to get. Website owners must respond to an email or phone contact to validate domain ownership. The browser address bar shows HTTPS and a padlock but no business name.
  • Extended Validation certificates (EV SSL). Certificates of this type are the most costly and prestigious. They are typically used for large, high-traffic websites that collect data or process online payments. If installed, this type of SSL certificate will cause the browser’s address bar to show the lock icon, “HTTPS”, the company name, and the country where the company is based. The address bar should show the website’s owner to differentiate between legitimate and fraudulent websites. For an EV SSL certificate to be activated, the website owner must undergo a regular identity verification procedure to prove they are the rightful owner.
  • Organization Validated certificates (OV SSL). This SSL certificate offers a similar level of assurance as the EV SSL one because the website owner must complete a validation process. This type of certificate shows the website owner’s information in the address bar to distinguish fraudulent websites. OV SSL certificates are the second-most premium type of certificate (after EV SSLs) that commercial or public websites need an OV SSL certificate since it provides an extra layer of trust by authenticating the business identity and legitimacy.

How to choose an SSL certificate. A comparison chart

SSL certificate typeWhat’s in it for me?Perfect for:
DV certificate with domain validationThis certificate is linked to your domain name and makes sure that your website’s data is encoded correctly. A DV certificate is issued within 5 minutes.Websites, blogs, informational websites
OV certificate with organization validationYou need this certificate for e-commerce and online sales. An OV certificate shows who owns a website and displays the company name. Fraudsters won’t be able to get this certificate because they won’t be able to pass the validation check.Online store, log-in screens
EV SSL certificateThe most expensive and prestigious certificates. They are used for high-traffic websites that collect data or process payments. With this type of SSL certificate, the browser’s address bar shows the company name and its country.Global banks, enterprises

If you’re interested in a price comparison, visit our SSL certificate page to find relevant prices and easily compare them.

How can a website get an SSL certificate?

SSL certificates are important for online transactions and securing data. Want to know where and how to get one for a website? Follow these steps:

  1. Make sure the information on your website is correct by using ICANN Lookup.
  2. Choose a CA. You can purchase a certificate from your web host provider or a certificate vendor (e.g., Rapid SSL, Comodo, Thawte).
  3. Generate a private key and CSR (Certificate Signing Request). You can reach out to your web hosting support for assistance. Don’t share your private key with anyone!
  4. Submit your CSR. Wait for the CA to validate your website and issue a certificate for your website.
  5. Configure your web server to use the certificate.

In Gcore, you can easily do this in our control panel on the Order an SSL certificate page.

Short summary

An SSL certificate is a digital certificate that helps verify a website owner. It’s an essential part of a secured SSL/TLS connection. All data sent over SSL/TLS is encrypted. Even if a hacker intercepts data, they won’t be able to use it because they can’t decrypt it. An SSL/TLS connection also protects transferred data from being changed by intruders.

If you’re a user, we recommend not sending sensitive information to a website without an SSL certificate. You can verify the certificate by looking at the browser’s URL bar. If it says “secure” with a padlock icon, the website has an SSL certificate.

If you’re a website owner, we recommend getting an SSL certificate. It enforces your website security and builds clients’ trust in your brand.

Table of contents

Try Gcore Web Security

What are SSL Certificates? Definition, Uses, and Types

Related articles

What is a DDoS attack?
What is a DDoS attack?
A DDoS (distributed denial-of-service) attack is a type of cyberattack in which a hacker overwhelms a server with an excessive number of requests, causing the server to stop functioning properly. This can cause the website, app, game, or other online service to become slow, unresponsive, or completely unavailable. DDoS attacks […]
November 7, 2024 4 min read
10 Common Web Performance Mistakes and How to Overcome Them
10 Common Web Performance Mistakes and How to Overcome Them
Web performance mistakes can carry a high price, resulting in websites that yield low conversion rates, high bounce rates, and poor sales. In this article, we dig into the top 10 mistakes you should avoid to boost your website performance. 1. Slow or Unreliable Web Host Your site speed begins with […]
September 9, 2024 6 min read
5 Ways to Improve Website Speed for E-Commerce
5 Ways to Improve Website Speed for E-Commerce
In part 1 of this guide, we explained why site speed matters for e-commerce and how you can track your current speed. Now, speed up your page load times with these five techniques. #1 Assess Your Current Site Speed First, check your site’s current performance. Use tools like Google PageSpeed Insights or […]
August 22, 2024 3 min read
What Website Speed Is and Why It Matters for E-commerce Success
What Website Speed Is and Why It Matters for E-commerce Success
Website visitors are more impatient than ever—websites that take longer than three seconds to load lose more than half their visitors. For an e-commerce business, that translates to losing half its potential sales, which is bad news for revenue. In this article, we explain what e-commerce website speed is, how […]
August 21, 2024 3 min read
How to Spot and Stop a DDoS Attack
How to Spot and Stop a DDoS Attack
The faster you detect and resolve a DDoS (distributed denial-of-service) attack, the less damage it can do to your business. Read on to learn how to identify the signs of a DDoS attack, differentiate it from other issues, and implement effective protection strategies to safeguard your business. You’ll also discover […]
July 24, 2024 3 min read
Improve Your Privacy and Data Security with TLS Encryption on CDN
Improve Your Privacy and Data Security with TLS Encryption on CDN
The web is a public infrastructure: Anyone can use it. Encryption is a must to ensure that communications over this public infrastructure are secure and private. You don’t want anyone to read or modify the data you send or receive, like credit card information when paying for an online service. […]
July 16, 2024 4 min read
How Edge AI Solves 5 AI Inference Workload Challenges
How Edge AI Solves 5 AI Inference Workload Challenges
AI workloads are all the computational processes required to run AI behind the scenes, including during training and inference. These intensive workloads require massive computational resources, making them expensive, complex, and slow to run. At least, that’s the case when using a traditional cloud AI infrastructure. Edge AI is a […]
July 4, 2024 4 min read
Real-Life Applications of Low-Latency Edge Inference
Real-Life Applications of Low-Latency Edge Inference
Businesses using AI are encountering a major challenge: latency. It’s frustrating for customers when they’re kept waiting for a chatbot to process their ecommerce return, stuck with a jittery, lagging game, or reading TV subtitles that are a few seconds behind the action. Enter edge AI. This powerful technology minimizes […]
July 1, 2024 6 min read

Subscribe
to our newsletter

Get the latest industry trends, exclusive insights, and Gcore
updates delivered straight to your inbox.
Subscribe