What is an SSL certificate, and how do I get one?
It’s possible to use SSL security for your Web site on our servers. Doing so allows you to display secure, encrypted pages to your visitors.
You’ve probably seen SSL security in action when you purchased something online: your Web browser activates the “lock” icon and tells you that your connection is secure. Encrypted pages are used to submit credit card numbers, passwords, and other sensitive information.
To use SSL security on your Web site, you need what’s called an “SSL certificate”. The SSL certificate serves two purposes: it allows your visitors to encrypt the information they send to your Web site, and it proves your identity to visitors.
On this page:
- Getting an SSL certificate
- What browsers do Let’s Encrypt certificates work with?
- Limitations of free Let’s Encrypt certificates
- A reminder about credit card number security
- Can I get an Extended Validation (EV) SSL certificate?
- Can I use third-party SSL certificates on my site?
- Does Tiger Technologies offer SSL certificates for use on other servers?
Getting an SSL certificate
SSL certificates used to be expensive, but we now provide free certificates from an organization called Let’s Encrypt, which is sponsored by Google, Mozilla, the Electronic Frontier Foundation, and others.
To add a Let’s Encrypt certificate to your site, login to the “My Account” control panel and click SSL Certificate. It usually takes about one business day to add an SSL certificate.
What browsers do Let’s Encrypt certificates work with?
The free Let’s Encrypt certificate, installed on a free shared IP address, should work for visitors using any popular desktop browser and operating system released in 2007 and later, or any mobile browser and operating system released in 2010 and later. This covers almost everyone.
The certificate can also work with older browsers, notably Internet Explorer 6 and other browsers running on Windows XP, if you do two extra things:
- Purchase a dedicated IP address.
- Enable SSLv3, which is not usually recommended because it reduces security. (Most credit card companies won’t allow this, and therefore won’t allow you to accept credit card numbers from people using Windows XP at all.)
Limitations of free Let’s Encrypt certificates
In a small number of cases, a free Let’s Encrypt certificate may not be appropriate. We also offer paid AlphaSSL certificates that are a little more flexible. In particular, AlphaSSL certificates:
- Can be installed for your site even if the hostname doesn’t yet point at our servers;
- Can be made to work for “wildcard” subdomains, where you don’t need to specify the list of possible hostnames in advance; and
- Can work with some unusual SSL client software, including direct connections from Java applets.
Other than these differences, AlphaSSL certificates work identically to Let’s Encrypt certificates.
AlphaSSL certificates cost $2.00 per month for a basic certificate and $5.00 per month for a wildcard certificate. If you want to order one of these, please contact us instead of using the “My Account” Let’s Encrypt certificate order form.
A reminder about credit card number security
When you use an SSL certificate to collect credit card numbers, remember that it only protects the visitor’s card number as it passes between his or her Web browser and your site. It does not help you securely store credit card numbers in a file or a database on the Web server, nor does it send the card numbers to you securely afterwards. Be sure your e-commerce system handles that end of the transaction in a secure manner (usually by using encryption to safely forward the data to another server at your credit card company).
Can I get an Extended Validation (EV) SSL certificate?
We don’t currently offer Extended Validation (EV) certificates, which require stricter checking (including review of your business records).
However, if you buy an EV certificate from another SSL company, we can usually install it on our servers for your site, as described below.
Can I use third-party SSL certificates on my site?
If another company has provided you with an SSL certificate that you want to use instead of Let’s Encrypt certificate, we can usually install it for you at no extra charge. You’ll need to provide us with:
- the private key file;
- the certificate file; and
- any “intermediate certificate” files.
In addition, the key file must not require a password to be entered when the web server is started.
Does Tiger Technologies offer SSL certificates for use on other servers?
No. We only provide SSL certificates for Web site hostnames that are directly hosted on our Web servers. We don’t sell or provide certificates for use with other servers, and you can’t export the certificates we generate for use elsewhere.
If you need a certificate for other servers, you can probably get them yourself from the Let’s Encrypt service, completely unrelated to us.