The Purpose of Using an SSL Certificate on a Website

6 votes, average: 3.67 out of 56 votes, average: 3.67 out of 56 votes, average: 3.67 out of 56 votes, average: 3.67 out of 56 votes, average: 3.67 out of 5 (6 votes, average: 3.67 out of 5, rated)

As they say in Chernobyl: SSL isn’t a choice, it’s a lifestyle

Before I came to, I had no idea what SSL even was or what the purpose of using an SSL certificate on a website was. In fact, when I heard the word certificate I started picturing diplomas and participation awards—not digital files. But that’s just me, I’m a newspaperman in a digital apps world.

It took me some time to understand the nuances of SSL, and I’ll be the first to admit I still have to look a few things up. [Editor’s Note: Or you just make wild outlandish claims… but who’s keeping track?] There are a lot of moving parts, a lot is going on under the hood. And none of that is germane to what we’re about to talk about.

Today we’re going to talk about why we use SSL on websites [The Purpose of SSL certificate]. To make this more digestible, let’s break this into two categories:

  • Why you SHOULD have SSL
  • Why you HAVE TO have SSL

Because it’s no longer optional. I mean, I guess it is, but it’s like a driver’s license, while you can operate a car without one, it’s going to get you into trouble when the right people find out.

Anyway, we’ll get to that in a few moments, first let’s start with why you SHOULD have SSL.


An SSL Certificate is a digital file that facilitates encryption between a web server and a web host. It prevents your communication from being intercepted or manipulated by eavesdropping third parties.

Now, why is this important? Well, think about the things that get communicated across the internet on a regular basis—everything from login credentials to banking info. There’s a lot of sensitive information out there. If you’re collecting any of it, you need SSL to secure it. Otherwise, all that information can be stolen. Many industries, like the Payment Card Industry, mandate SSL be used for that exact reason: it secures sensitive data in transit.

But even if you’re not collecting personal information, SSL is still a good call. By serving your website over HTTPS, you gain access to advanced browser features, HTTP/2 and avoid browser warnings.

You can also block content injection, which means that ISPs can’t steal your ad revenues by injecting their own ads.

It’s also worth mentioning that higher value SSL certificates (OV and EV) can also supply verified business information that helps keep your customers safe from phishing.

Why You HAVE TO Have SSL

Now let’s flip things over and talk about why you’re being required to add SSL encryption. The browser community, bossy group that they are, has started an industry-wide push for universal encryption.

Why do we care what the browsers think? Well, because it turns out they wield quite a bit of power on the internet. Don’t believe me? Try to use the internet without your browser. You can’t! 99.9% of the population would be lost without their browser.

This positions the browsers between users and the websites that populate the internet. Now if you’re running a website, and you want customers, visitors, patrons, subscribers – whatever you call your target audience – to visit, then you need a browser to bring them to you. Owning a website that can’t be reached by browsers is like being a landlord in Chernobyl—nobody’s ever going to see all that hard work.

And yes, that’s right, if you run afoul of Google it will literally crater your $#!% like Chernobyl. Wait, was there an actual crater at Chernobyl? [Editor’s Note: I think it was just a meltdown] Whatever, you’ll be radioactive and everyone will abandon you and you’ll die a slow ignominious death and become but a footnote to history. I’m kidding. You’re not getting a footnote.

Let’s get this back on track. [Editor’s Note: Yes, let’s] the browsers are moving to mandate encryption and they’re doing this with warnings of increasing severity. It started in January of 2017 when websites with insecure password fields were marked as “Not Secure.” And it’s going to continue ramping up until any website without SSL is labeled “Not Secure.”

Think about that, honestly, who’s going to come to your website against Google’s suggestion. It’s Google. When is Google wrong? Need to know how tall Brad Pitt is? Google knows. Need to know where to buy YooHoo? Google knows. So why wouldn’t Google know about this? People trust Google. And if Google tells them you’re a bad boy, they’re not going to ignore that. It’s also worth mentioning that unlike the bad boys from high school, bad boy websites don’t get much action.

Let’s Wrap This Up

Let’s review what we’ve learned:

  • SSL Certificates encrypt communication between websites and their visitors
  • Without encryption, all communication can be intercepted or manipulated
  • Many industries like the Payment Card and Healthcare industries mandate SSL
  • Any website that collects personal information needs an SSL certificate
  • In 2017, the web browsers started pushing a universal encryption initiative
  • By 2018, all websites without SSL will be marked “Not Secure”

Remember, SSL isn’t just a choice anymore. It’s mandatory. But that’s not the only reason you need encryption. It truly is an internet best practice at this point. In an age when personal privacy is being emphasized more than ever, being able to secure information in transit is integral to your website’s success. And being marked “Not Secure” by Google is tantamount to its failure.

Don’t let Google Chernobyl your website. Get SSL.

Stay cautious, my friends.


Buy SSL Certificates at Low Prices

RapidSSL Logo

Protect a website using the best SSL certificate at low prices from trusted SSL Brands.