An SSL certificate (Secure Sockets Layer certificate) is a small digital file that binds a cryptographic key to an organisation's details. When installed on a web server, it activates the padlock icon in the browser and the https:// protocol, enabling secure connections from the server to a browser.
What Does an SSL Certificate Do?
- Encrypts data — All data sent between the visitor and the server is encrypted so third parties cannot read it.
- Authenticates the server — It proves the website belongs to the organisation shown in the certificate.
- Builds trust — The padlock icon reassures visitors their connection is private.
Types of SSL Certificates
- DV (Domain Validation) — Basic, verifies domain ownership only. Issued in minutes. Most common.
- OV (Organisation Validation) — Verifies the business behind the domain. Used by companies.
- EV (Extended Validation) — Highest trust. Shows company name. Used by banks and financial services.
- Wildcard — Covers a domain and all first-level subdomains (
*.example.com). - Multi-domain (SAN) — Covers multiple different domains in one certificate.
Free vs Paid SSL
Let's Encrypt issues free DV certificates trusted by all major browsers. Paid certificates from DigiCert or Sectigo add insurance, higher validation levels and longer validity. Most websites — including e-commerce — work well with free DV certificates.
Common SSL Problems
- Expired certificate — the most frequent issue. Browsers show a security warning.
- Domain mismatch — certificate issued for a different domain.
- Self-signed certificate — not issued by a trusted authority; browsers warn visitors.
- Mixed content — HTTPS page loading HTTP resources.
Use the free SSL Checker tool to verify any website's certificate instantly.