When we talk about choosing an SSL, a lot of time is spent talking about your website type, the number of sites you have, and validation levels. Don't get us wrong; all that stuff is pretty important. But it's definitely not the be-all and end-all of SSL certificates. Crucial to your SSL is its issuing Certificate Authority (CA). Whether you're considering choosing Comodo certificates or another respected CA, reputability matters and is central to how your SSL works.
Read on to find out why.
Before we talk about the importance of SSL, it's crucial to know how SSL and the system underpinning all SSL certificates securing sites all over the web work. An SSL certificate is a digital certificate you can install on your server to implement encryption for anyone visiting your website, app, or whatever tech project you happen to be working on right now. For example, if you have a website secured by SSL, people visiting it on their web browser (also known as a client) will be able to communicate with your site via a connection that nobody can eavesdrop on. Only the permitted parties (your server and client) can access their data.
How is this connection made? We're not going to go into all the gritty details right now, but what you need to know is that client and browser engage in a complicated process known as the SSL handshake in order to foster your secure connection. So fast that you wouldn't even notice it, this process involves authentication on both sides. Part of this authentication involves the browser checking who signed your SSL certificate. Who signs SSL certificates? Why, CAs, of course. And if a legitimate, trustworthy CA hasn't signed your SSL, then your site's in trouble.
Why your CA must be trusted
A lot goes into securing websites with SSL. SSL uses processes of public key cryptography to foster secure communications and digital identity verification. It's built on public key infrastructure, a system held together by the work of CAs. Adhering to ideals of Confidentiality, Integrity, and Authenticity, CAs not only create and distribute SSL certificates, but they also verify the entities requesting them and revoke certificates if necessary. For this system to work, trust is paramount. If a CA engages in shady dealings, it will be untrusted by everyone, from tech companies to major web browsers.
And if your SSL's issuing CA isn't trusted, it's unlikely to work in major web browsers. Potential visitors will be met with a "site not secure" message, and they'll be off to your rival's website.
So, if you've decided on the perfect SSL type, don't rush to buy it just yet. Make sure to research the partner CAs of the stores you're browsing to ensure they are legit and trustworthy.