TL;DR: An SSL certificate (technically TLS) is a small file on your web server that encrypts the
connection between your site and your visitors and proves your site is who it says it is. It's what turns
http:// into https:// with the padlock. Yes, you need one — and you can get one
free. Scan your domain free to check your HTTPS setup.
What an SSL certificate actually does
Two things: encryption (so no one on the network can read or tamper with the data between browser and server — passwords, form fields, payments) and identity (it's issued to your domain, so visitors know they're really talking to you). Without it, browsers show a "Not secure" warning and traffic travels in the clear.
Do you really need one?
Yes — for any site in 2026. Browsers flag non-HTTPS pages as insecure, search engines favour HTTPS, and modern browser features won't work without it. There's no downside: certificates are free and automated.
The certificate types
| Type | What it verifies |
|---|---|
| DV (Domain Validation) | You control the domain. Instant, free, fine for most sites. |
| OV (Organization Validation) | Your organisation's identity is checked too. |
| EV (Extended Validation) | The strictest identity vetting (less visible in browsers now). |
| Wildcard | Covers *.yourdomain.com — all subdomains at once. |
For most small businesses, a free DV certificate is all you need.
How to get one (free)
- Let's Encrypt — free, automated certificates most hosts support out of the box.
- Your host or CMS — many enable HTTPS with one click.
- Cloudflare — provides a free certificate at the edge when your DNS is on it.
After installing it, redirect HTTP to HTTPS so every visitor uses the secure version, and add a CAA record to control which authorities can issue certificates for you.
Common certificate errors
- Expired — renew it (automate renewal so it never lapses).
- Name mismatch — the certificate doesn't cover the exact hostname being visited (e.g.
wwwvs root). - Incomplete chain — an intermediate certificate is missing; reinstall the full chain.
FAQ
SSL or TLS — which is it?
TLS is the modern protocol; "SSL certificate" is just the popular name everyone still uses for the same thing.
Does a certificate make my whole site secure?
No — it secures the connection. You still need updates, security headers, and email authentication for real coverage.
How long do certificates last?
Often 90 days (Let's Encrypt) with auto-renewal, or up to about a year. Automate renewal so it never expires.
Not sure your HTTPS is set up correctly? Scan your domain, then reply to your report — we're developers and we'll get your certificate, redirect and headers right for you.