Smart to be Secure: Choosing the Right SSL Certificate for an E-Commerce Site

Now more than ever before it’s very important for any website that allows for transactions between vendor and purchaser to have an SSL certificate. This is in large part because Google’s newest update is now geared to make any site without one very visible to anyone visiting it. In fact it’s actually even taking punitive measures against sites that don’t feature an SSL cert. In previous versions, websites with an SSL would get an SEO boost, but now any HTTP websites with any kind of text input will be tagged with a “Not Secure” warning prominently – and painfully – displayed in the address bar.

Here at 4GoodHosting, we pride ourselves on being a Canadian web hosting provider that has something for everyone when it comes to taking your venture, business – or even just yourself – onto the World Wide Web. A good many of our customers are in business online, and we’ve been offering quality, affordable SSL certificates for many years now. Some people many not like this new reality, but it is what it is and in the big picture of things it’s a positive as identity theft and fraud are ever-increasing threats to those making transactions online.

Let’s start with a little self-diagnostic tip. If your website is displaying the ‘Not Secure’ status, ask yourself these two questions:

  1. Is your website set up for taking text input? This can include contact forms, search bars, login panels, etc.
  2. Are you using HTTP://?

Answer “yes” to both of these questions and – long story short – you need to install an SSL certificate for your website. But let’s dig into this deeper.

Difference between a Shared SSL and a private SSL Certificate?

There are differences. The two types of SSL available for a website are Shared SSL and private SSL certificates. Free SSLs are a third one, but there are plenty of reasons why you should stay away from free SSLs and we’ll get to that.

We’ll start by making clear that there is no difference between a Shared SSL and a private SSL certificate as far as the level of encryption is concerned, or how effective that encryption is.

The difference between a shared and private SSL certificate lies primarily in the URL of the encrypted website and the cost of purchasing them.

Shared SSL

Shared SSL means the SSL certificate is installed on the web server, and that means you are sharing the SSL with other hosting accounts on the web server in a shared hosting environment. Rather than https://yourdomain.com, your URL will then be https://youraccount.4goodhosting.com.

While a shared SSL certificate is an affordable site security solution, it’s not always ideal and here’s why.

  1. The SSL not installed on your domain name

Due to the fact you’re using your web server’s shared SSL, the SSL is not linked specifically to your domain name, but instead to the shared server’s domain name. This may resulting in the web browser sending an alert or certificate warning to your visitors when they try to access your site – the problem being that the domain name they are visiting doesn’t match the domain name listed there on the SSL certificate.

To summarize, shared SSL certs are best used in situations where the need is for a secure connection to the server that will not be seen by the general public. This could be when logging into webmail or the admin area of your website, as one example.

  1. No business name is on the certificate

Another drawback to a shared SSL certificate is that your business name is not on the certificate. While there is a lot of information found on an SSL certificate:

  • Validity period
  • Issuing certificate authority (CA)
  • The domain of issuance
  • The company operating the website

The business name isn’t one of them

SSL Certificate details can be viewed on your web browser. I you are using Google Chrome, you can get the scoop on a website’s SSL certificate by going to More tools > Developer tools > Security.

You can also view a SSL certificate’s details in other browsers – Firefox, Safari and Internet Explorer – depending on your preference.

Making this information available to your visitors will help them make a comfortable determination who they are doing business with, as well as assuring them that the website is safe. Keep in mind though that because the shared SSL is issued to the shared web server, your business name will not be on it. Yes, your website is protected by the SSL certificate, but it will not have foster the same of level of trust in the visitor that a private SSL certificate will.

  1. Some shopping carts require you to use a private SSL

There are many other eCommerce solutions out there that work well with a shared SSL, but shared SSL is not recommended for any eCommerce website. It’s worth nothing that a number of major banks will not issue internet merchant accounts to business utilizing a shared SSL certificate.

It’s helpful to understand further that in order to accept credit card information on your website, you must pass certain audits and validations showing you to be in compliance with the PCI (payment card industry) standards, and one of the requirements is a properly installed SSL certificate.

  1. Google offers more credit to private SSL certificates

These days some are asking whether a shared SSL would affect search engine rankings, and the verdict seems to still be out on that one. Many experts, however, believe that Google favours websites coming with their own SSL certificate.

What about free SSL certificates?

It’s not difficult to find companies that offer free SSL certificates. Avoid, and here’s why:

  1. They maz not come from a globally trusted certificate authority, and Google might not actually trust the certificate at all. By the time you become aware of that the damage may well already be done is as far as your SERPs and lost customers
  2. They might not be insufficiently encrypted. SSLs come in various encryption strengths. Any free SSL certificate is going to be of the weakest possible encryption.

Private SSL Certificate

Purchasing a private SSL certificate is the smart choice, and decidedly affordable too.

You can purchase an SSL certificate and a dedicated IP (which is required for the SSL installation) as an add-on to your current hosting plan. Purchase both from 4GoodHosting makes the process quick and easy,, but SSL certs purchased elsewhere can be installed through your cPanel.

Another cost and time effective option is 4GoodHosting’s Advanced Hosting plans. Included as part of the plan is a private SSL certificate which will protect the domain with 100% reliability.

You can find more information about our advanced plans here.

Let’s keep people darkening your virtual door, and keep you standing in good stead with Google!

Post Navigation