About SSL/TLS & digital certificates
What is SSL/TLS?
SSL/TLS is a technology that creates an encrypted connection between the web server and your visitor’s web browser so that confidential information can be transferred securely.
While a separate IP address was previously required, this is no longer required.
What is an SSL/TLS Certificate?
An SSL certificate is a form of validation that is installed on the web server. All of our hosting packages now include Domain Validation SSL certificates by default.
Your secure site is accessed via https:// rather than http:// and indicated by a padlock icon in web browsers. Extended Validation (EV) certificates also show a green address bar.
A site’s SSL certificate can be viewed by clicking on the padlock icon in the address bar. Pay particular attention to the information under Details, which provides the validated company information (if any).
Digital certificates are issued directly by a trusted certificate issuing authority (eg. Thawte, Comodo, Let’s Encrypt).
SSL/TLS certificates – which one is right for you?
All SSL certificates offer the same levels of encryption but differ according to validation levels – the extent to which the domain is vetted and proven to be linked to a particular organisation. The validation level does not affect the security level but rather reflects levels of user trust i.e. the more you need users to trust your website’s authenticity, the higher level of validation certificate you will choose.
1. Domain Validation (DV)
These SSL certificates validate the domain name against registry records. No organisational information is vetted or displayed on the certificate.
- Displays a padlock icon in the browser address bar, and no company information on the certificate.
We offer free Let’s Encrypt SSL certificates with all websites.
2. Organisational Validation (OV)
Also called Web Server certificates, these SSL/TLS certificates validate the domain ownership as well as the organisation’s identity. Some organisational information is displayed on the certificate.
- Displays a padlock icon in the browser address bar and some company information on the certificate.
OV certificates should be obtained directly from a Certification Authority of your choice, and we will install the certificate on your domain.
3. Extended Validation (EV)
These SSL/TLS certificates validate the domain ownership, organisational identity as well as the legal existence of the organisation i.e. an extended validation of the business or organisation is required. The green address bar provides the highest level of trust to users that the company is legitimate.
- Suited to credit card transacting websites, banks or financial institutions, or any site that could potentially be the subject of a phishing scam.
- Displays a green address bar as well as a padlock icon in the browser address bar, and company information on the certificate.
Extended Validation certificates should be obtained directly from a Certification Authority of your choice, and we will install the certificate on your domain.
Note:
SSL/TLS does not include software to process credit card transactions. Although you can securely receive credit card information through SSL/TLS, actual processing of the credit card will require a ‘Merchant Account’ from an accredited financial institution.
Pricing & Ordering
- Let’s Encrypt Domain Validation SSL/TLS certificates are included free with all hosting packages and are installed and renewed automatically. Installation is dependent on both A records (@ and www) pointing to the xneelo hosting server’s IP address.
- Certificates may be ordered directly from other Certification Authorities e.g. Thawte, Comodo, GoDaddy and forwarded to us for installation. A once-off setup fee applies for this manual installation.
- See How to order and install an SSL certificate
All xneelo-hosted domains have access to a free Let’s Encrypt SSL certificate, which can be used to secure both your email and your website.
