With the advent of free SSL certificates, many users have stopped thinking about buying paid versions and rely entirely on automatically created certificates, sometimes without even suspecting that this is done in some other way. In this article, we will analyze which sites really need reliable SSL, in which cases a free analog is enough, and what kind of RSA algorithm it is that ensures the security of millions of users every second.

• A complex algorithm is simple math. How does the RSA algorithm work?

The SSL protocol encrypts the connection between the user's browser and the server. All information remains private, if it gets to a third party, then this person will not be able to access the information. Take, for example, your Internet provider - he has access to all your Internet activity, receives the same data as you, and he also sends data from you, but if the data was transmitted over the SSL protocol, he will not be able to decrypt such data. How does this happen? In fact, it is based on a fairly simple mathematical principle.

RSA is one of the most common asymmetric encryption algorithms. When using symmetric encryption, the same key is used for both encryption and decryption of data. If the parties want to exchange encrypted messages in a secure mode, then both sides must have the same symmetric keys. This type of encryption is used for a large amount of data (since symmetric encryption is faster).

We could write a bunch of text, but if you're interested, it's better to check out the three-minute video from Dmitry Pobedinsky. It tells quite simply about the operation of this algorithm. Some details are not mentioned, but they are not necessary to understand the principle itself.



This is the principle by which data encryption works. After creating the site, we issue a basic SSL certificate absolutely free of charge. But this does not mean that it is worth writing off their paid versions.

• A clever move by marketers or a real need?

The main differences between free and paid SSL certificates.

- Free certificates are relatively short-lived and require constant reissue. Paid certificates are valid for a year or longer.

- The certifying center issuing the free certificate is not responsible for the integrity of the resource where it is installed. Paid digital signatures, on the contrary, make it possible to verify the owner of the site. The presence of such guarantees forms a high level of trust in the site among users and in search engines.

- In case of leakage of user data from a resource where a paid SSL certificate is installed, the affected party will receive compensation from the certification authority. The amount of financial guarantees depends on the specific type of certificate.

It turns out, in addition to the banal convenience, confidence in your resource increases. Moreover, trust is not only on the part of advanced users, but also on the part of search engines. Search engines are interested in issuing only secure sites on request, so a site with a certificate from reliable centers will be higher than with a free one.

Based on this, for sites that are engaged in commerce in conditions of even minimal competition, it would be quite good to issue a reliable SSL certificate. And if you work with sensitive user data, then this is a direct necessity, because the free certification authority does not bear any responsibility to you - the service is provided "as is".

• Big price? Not at all!

If we are not talking about company verification, but just a domain name (DV), then the prices are more than adequate. For example, our prices start from 1100 rubles a year for GoGetSSL® Domain SSL [DV] certificate. A very small price for a commercial website.
You can view all the options by following the link: https://hostetski.ru/panel/billing.php?do=shopitems&group=2
A temporary offer is valid at the same link: you can get a certificate from a trusted certification authority for free and switch to the paid version in the future, or stay on the free version, receiving part of the paid functions.