Knowledge Base

Introduction to SSL

This article is an introduction to key SSL concepts. If you plan on installing SSL certificates on your web site, this article provides the background information you need.

What is SSL?

SSL (Secure Sockets Layer) enhances a web site's security by providing two important features: encryption and authentication.

  • Encryption means that the data sent between your web site and users is unreadable by others. When a user accesses your site using an SSL connnection (URLs that begin with https://), the web server and web browser exchange encrypted information. Contrast this with unencrypted web transactions, which are transmitted as plaintext and subject to eavesdropping.
  • Authentication means visitors can trust that you actually are who you claim to be. When users access your site using an SSL connection, they can be confident that they are seeing your site, and not an impostor's. Whereas encryption helps protect data, authentication helps prove your identity to others.

When users visit an SSL-enabled site, most web browsers display a lock icon (usually in the address bar). To enable SSL for your own web site, you must obtain and install a certificate.

Does my web site need SSL?

If your web site handles personal data or any kind of payment-related information, you need an SSL certificate. Additionally, if your web site contains login forms where users log in with a username and password, you should protect their information with SSL. This helps prevent malicious actors from eavesdropping and stealing login credentials.

Most Webhost.Berlin servers support Server Name Indication (SNI), which means SSL certificates do not require a dedicated IP address to work correctly. However, to ensure complete compatibility, you should consider purchasing a dedicated IP address. For more information about SNI support at Webhost.Berlin, please see this article.

How do I obtain an SSL certificate?

There are several ways you can obtain an SSL certificate for your web site:

  • You can order an SSL certificate from Webhost.Berlin. With this method, you first order an SSL certificate on the Webhost.Berlin web site. Next, you provide basic information (domain, name, address, and so on) that is used to generate the SSL certificate. You then receive an e-mail message that contains the SSL certificate you install on your web site.
    For information about how to install an SSL certificate from Webhost.Berlin, please see the Related Articles section below.
    Please note that it may take a day or two to process an order and generate the SSL certificate.
  • You can use a Let's Encrypt certificate. Using an SSL certificate from a recognized Certificate Authority is recommended for best results when enabling SSL. Let’s Encrypt is a free, automated, and open certificate authority and is recognized by most modern browsers. Let's Encrypt is supported for all new Webhost.Berlin accounts and certificates may even be generated automatically for immediate use. For details regarding Let's Encrypt for your account type, please see the Related Articles below.
  • You can order an SSL certificate from a third-party provider (such as VeriSign, Thawte, or others). To obtain an SSL certificate from a third-party provider, you must first create a Certificate Signing Request (CSR). The provider uses the CSR to generate the certificate. After you receive the SSL certificate from the provider, you can install it on your web site.
    For information about how to install an SSL certificate from a third-party provider, please see this article.
    Please note that it may take a day or two to process an order and generate the SSL certificate.
  • You can use a self-signed certificate. With a self-signed certificate, your site can provide encryption, but absolutely no authentication. (This is because you, and not a Certificate Authority, have signed the certificate.) As a result, users receive warning messages in their browsers when they try to access secure areas of your site. Self-signed certificates are primarily used for testing or development, and should not be used in a production environment.
    For information about how to install a self-signed SSL certificate, please see this article.
  • If you have a shared hosting account, you can use the server's shared SSL certificate to secure your site. However, the https:// URL will not contain your domain name. Instead, the URL will look similar to https://username-www50.ssl.supercp.com, where username represents your account username. If you want to request shared SSL for your account, please open a support ticket on the Webhost.Berlin Customer Portal at https://berlin.hosting.