Some links on this page are affiliate links. See full disclosure in the page footer.

What Is an SSL Certificate?

Web Hosting Help graphic from Tech Help Canada showing HelperX Bot with icons for domains, hosting, email, SSL, and WordPress

An SSL certificate helps protect the connection between a visitor’s browser and your website. When it is installed and working properly, your site can load with https:// instead of http://, and information sent between the visitor and the site is encrypted in transit.

People still say “SSL certificate,” but modern secure websites usually use TLS, the newer security protocol. The older name has stuck around because most website owners, hosting dashboards, and product pages still use SSL as the familiar term.

What an SSL Certificate Does

An SSL certificate connects a domain name to a secure connection.

It helps with three things:

  • Encryption, so information is harder to read while it travels between the browser and the server
  • Domain validation, so the certificate is issued for the domain the visitor is using
  • Browser trust, so the browser can show HTTPS instead of warning visitors about an insecure page

For a small business website, SSL is expected on contact forms, checkout pages, login pages, booking pages, quote request forms, and any page where visitors may share information.

What SSL Does Not Do

SSL does not make a website fully secure by itself.

It does not:

  • Remove malware from a hacked site
  • Stop weak passwords
  • Update WordPress, themes, or plugins
  • Prevent every phishing or scam attempt
  • Protect an admin account if the password is reused elsewhere
  • Guarantee that visitors will trust the website content

SSL protects the connection. Website security also depends on updates, backups, access control, malware scanning, safe plugins, secure forms, and good recovery habits.

How SSL and HTTPS Work Together

The certificate is the credential. HTTPS is the secure version of the web address visitors use.

You need the certificate installed for the right domain, and your website needs to load through HTTPS. If the certificate exists but the site still sends visitors to http://, visitors may still see warnings or an unsecured version of the page.

For most business websites, the goal is simple: visitors should be sent to the HTTPS version automatically, and every page should load without browser warnings.

Which Domain Needs the Certificate?

The certificate must cover the exact version of the domain visitors use.

For example, these are different hostnames:

  • yourbusiness.ca
  • www.yourbusiness.ca
  • shop.yourbusiness.ca
  • booking.yourbusiness.ca

Some certificates cover only one hostname. Some cover the root domain and www. Wildcard certificates can cover many subdomains under one domain, such as shop.yourbusiness.ca and booking.yourbusiness.ca, depending on the product.

Before buying or installing SSL, confirm which version of your domain your site uses. If visitors can use both www and non-www, both should be handled properly.

Common Types of SSL Certificates

Small business websites usually run into these broad categories:

  • Domain validation certificates, which verify control of the domain
  • Organization validation certificates, which include more business verification
  • Wildcard certificates, which can cover multiple subdomains
  • Managed SSL services, where installation and renewal are handled for you

Many small business websites only need a domain validation certificate, but the right choice depends on the site, hosting setup, subdomains, checkout requirements, and how much technical work you want to manage yourself.

What Has to Happen Before SSL Works

SSL may require a few connected pieces:

  • The domain must point to the correct website
  • The certificate must be issued for the right domain
  • The certificate must be installed on the server or hosting plan
  • The site must load through HTTPS
  • HTTP traffic should redirect to HTTPS
  • Internal resources should load through HTTPS too

If one piece is missing, the certificate may exist but the site may still show a warning.

How to Tell Whether SSL Is Working

Open your website in a private browser window and check the exact address.

Look for:

  • The address starts with https://
  • The browser does not show “Not Secure”
  • The certificate is issued for the domain you are visiting
  • Both www and non-www versions behave as expected
  • Contact forms, checkout pages, and login pages load over HTTPS

Do not check only the homepage. A site can have SSL working on one page while another page still loads old HTTP resources.

When to Get Help With SSL

SSL setup can be simple on some hosting plans and more involved on others. You may want help if the certificate is installed but the site still shows warnings, if you have multiple domains or subdomains, if the site uses WordPress and old HTTP links, or if you are not sure where the domain is pointed.

Take notes before changing DNS, redirects, or WordPress URL settings. SSL problems often involve several connected pieces, and notes make troubleshooting easier.

If your small business website needs a certificate, you can explore SSL options through Tech Help Canada Hosting.

HelperX Bot

Not sure what to read next?

I can suggest related Tech Help Canada articles based on the topic you’re reading now.

 

Want a heads-up once a week whenever a new article drops?

Subscribe here

Tweet
Share
Share
Pin
WhatsApp
Reddit
Email

Leave a Comment

Table of Contents

Open Table of Contents
Tweet
Share
Share
Pin
WhatsApp
Reddit
Email