Definition
An SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates the identity of a website and enables an encrypted connection between a web server and browser. Though technically superseded by TLS (Transport Layer Security), the term "SSL" is still commonly used. SSL certificates contain the website's public key, the certificate authority's digital signature, and identity information. They enable HTTPS connections, protecting data in transit and building user trust.
Examples
Certificate Information
Key fields in an SSL certificate.
Certificate:
Subject: CN=example.com
Issuer: CN=Let's Encrypt Authority X3
Validity:
Not Before: Jan 1 00:00:00 2025 GMT
Not After: Apr 1 00:00:00 2025 GMT
Public Key: RSA 2048 bit
Signature Algorithm: SHA256withRSA
SANs: example.com, www.example.comCertificate Types
Different validation levels for SSL certificates.
| Type | Validation | Use Case | Cost |
|----------|-------------------|-----------------------|--------|
| DV | Domain only | Blogs, small sites | Free-$ |
| OV | Organization | Business websites | $$ |
| EV | Extended | Banks, e-commerce | $$$ |
| Wildcard | *.domain.com | Multiple subdomains | $$ |Use Cases
Securing website connections (HTTPS)
Protecting user data in transit
Building customer trust with security indicators
Meeting PCI DSS compliance requirements
Best Practices
- Monitor certificate expiration dates
- Use automated certificate renewal (Let's Encrypt)
- Implement HSTS for HTTPS enforcement
- Use strong TLS versions (1.2 or 1.3)
- Monitor certificate transparency logs
Common Mistakes
- Letting certificates expire unexpectedly
- Not monitoring all certificates (subdomains, etc.)
- Using weak TLS versions or cipher suites
- Mixed content warnings (HTTP resources on HTTPS pages)
FAQ
Related Tools
Put SSL Certificate Knowledge Into Practice
Start monitoring your infrastructure with WizStatus.
No credit card required • 20 free monitors forever