Who may need an SSL certificate? Any individual or organization that uses their website to require, receive, process, collect, store, or display confidential or sensitive information. Some examples of this information are: logins and passwords financial information (e.g., credit card numbers, bank accounts) personal data (e.g., names, addresses, social security numbers, birth dates) proprietary information legal documents and contracts client lists medical records Where can you get SSL certificates? Probably the most important part of an SSL certificate is where it comes from. SSL certificates are issued by Certificate Authorities (CAs), organizations that are trusted to verify the identity and legitimacy of any entity requesting a certificate. The CA’s role is to accept certificate applications, authenticate applications, issue certificates, and maintain status information on certificates issued. You may also be able to purchase digital certificates from a domain name registrar or website hosting provider. Keep in mind: When choosing the right SSL provider, consider the fact that users’ web browsers normally keep a cached list of trusted CAs on file – so if a digital certificate is signed by an entity that’s not on the “approved” list, the browser will send a warning message to the user that the website may not be trustworthy. How will visitors know my site has an SSL certificate? There are four visual clues: Padlock to the left of a URL https URL prefix instead of http A trust seal A green address bar (when an EV SSL certificate is issued) 1 SSL Shopper. What is SSL? Accessed Oct. 26, 2016.