Why charities should use SSL certificates

How does a visitor know you are using an SSL certificate?

Websites secured with SSL certificates have a web address starting with "https://" rather than "http://.". A padlock icon is also displayed in the browser before the web address.

Clicking on the padlock will reveal details about the certificate, which will usually include the name of the owner and the name of the CA.

How does this keep credit card details secure?

This is where things get a little more complicated – and to understand the answer to this question completely you need to know about something called Public Key Infrastructure (PKI).

But all you really need to know is that an SSL certificate also includes an encryption key that a visitor to your site’s web browser can use to encrypt credit card details and other information so that it can be sent to your charity’s site securely. Should a hacker intercept the details they would not be able to read them because they are encrypted.

What are the different types of certificates?

When a CA certifies a certificate, there are three levels of certification leading to three types of certificate:

• Domain Validated (DV): These certificates undergo the least rigorous certification and charities should generally ignore the DV option
• Organisation Validated (OV): A CA is required to verify that your charity owns a particular domain name to certify an OV certificate, so site visitors can be sure that the site is genuine
• Extended Validation (EV): A CA is required to check more documentation about your charity before certifying an EV certificate. That means that EV certificates may take longer to issue and cost more than OV certificates. But because EV certificates engender more trust than OV certificates they are a good choice for a charity that accepts donations or carries out e-commerce from its website

How do you get SSL certificates?

The process involves generating an SSL certificate and other digital files which support it, submitting it to a CA, and putting the verified SSL certificate on the web server that hosts your site.

Many CAs can create and certify SSL certificates for you. Among the most popular CAs are:

• Comodo SSL
• DigiCert
• GeoTrust
• GlobalSign
• RapidSSL
• Thawte

You can compare prices and buy SSL Certificates from all of these CAs through the SSL Store.

To get an idea of the time and cost involved, Thawte offer an EV certificate for about £100 per year, with a turnaround time of about three days.

How do you install SSL certificates?

Many charities use a web platform such as WordPress or a web hosting company to host their website. The good news is that many of these organisations can arrange for SSL certificates to be created and installed for you.

Other hosting organisations have automated the process. You may be able to log in to your web hosting account and choose an option to add SSL certificates through the popular cPanel, Plesk, or some other control panel. This will take you step-by-step through the process of uploading a certificate and other files to your website.

If your charity hosts its web site on its own server then the web server administrator will be able to handle the installation of SSL certificates.

One final thing to remember is that once your certificates are installed, your charity’s web address will change from ’’ to ’’. That means that you have decide what happens when anyone tries to visit the old ’’ address.

The most common option is to redirect "http://" traffic to "https://." automatically. Other options are simply to block the old address, or to allow visitors to the old non-SSL certificate protected version of you site.