SSL ... It's a Security Thing

Monday, April 27, 2026

Like the Old West, the internet was wild in the old days. There were few safety nets and lots of potential for bugs and worms and viruses to spread. Over time security measures were introduced, to close the holes that allowed renegades in.

SSL (secure socket layer) Certificates check the validity of a site and are a "must have" today. Almost all browsers -- Firefox, Chrome, MS Edge, etc -- will flag a website as potentially dangerous if it doesn't have an SSL certificate.

This makes Hosting vendors happy! They can charge for an SSL certificate; prices rising with the level of security. Some hosting vendors will offer the simplest, lowest level SSL validation for free.

How do you or I know the difference? Website addresses begin with HTTP. A site with SSL begins with HTTPS. We just don't know what level of security is in force.

Today, there are 4 main levels for the average user.

1. Let's Encrypt: a free SSL open-source certificate, only validates domain, no subdomain validation; identity of the website is not verified to the same extent as a website with Extended Domain Validation; re-issuance every 90 days.

2. Single Domain SSL Certificate: applies to one domain and one domain only.

3. Wildcard SSL Certificates: are for a single domain and all its subdomains.

4. Multi-Domain SSL Certificates (MDC): covers multiple distinct domains on one certificate.

The last three are usually paid 1 year subscriptions with renewals and have easier installs with vendor support. The level of security you'll want depends on the function of your site. Financial institutions like banks and traders need the most secure and may be working at levels I don't even know about.

If you receive payments on your website, you'll probably want one of the paid levels. But if you don't, then free Let's Encrypt SSL is probably fine.

Not having SSL certifications does not make your site bad, but it does get flagged by most browsers. And that may deter people from visiting your site.