Knowledge base
Guides
Academy
Video tutorials
Try searching for:
Recently viewed articles:

Table of contents

TLS and SSL certificates for site security

Transport Layer Security (TLS) and Secure Sockets Layer (SSL) certificate is a security technology for sites that protects the data that your customers enter on your site: credit card numbers, social security numbers, login credentials, etc. TLS and SSL encrypts the data transfer from your site, and publishes the content securely using HTTPS instead of HTTP.

Having a TLS or SSL certificate also affects your site ranking in the search engine results since Google and other engines prefer secured sites over unsecured.

You can tell if a site is secure by looking at its link in the browser: site is not secured if it has a warning icon and the “Not Secure” note. TLS/SSL-secured sites have the padlock icon:

SSL_certificates__1_.png

In Ecwid, your online store and Instant Site are protected with TLS certificates. In other words, it’s safe for visitors to browse your site and make purchases. If you use another site instead of the Instant Site, you need to check if it has an SSL/TLS certificate and enable it if not.

How does TLS or SSL work

There are two security certificates: SSL and TLS. TLS is the successor protocol to SSL. Simply speaking, it’s the improved and more secure version of SSL, but the terms are often used interchangeably.

When a customer buys products in your online store and enters their credit card credentials, that data begins “a journey” from a client’s browser to your site. To make sure no criminals will attack that data while transferring, an TLS certificate comes into play in the role of a data guardian.

Here’s what TLS/SSL certificate does:

Encrypts transmitted data. That means that data looks like a garbled combination of characters nearly impossible to decrypt. This is particularly important when users transmit sensitive data, such as credit card details or email login data.

Сonfirms the authenticity of websites or services. It’s also called a handshake between two communicating devices. This helps to ensure that both devices are really who they claim to be.

Guarantees the integrity of transmitted information. The data will not change or be lost as it is transported from the server to the browser.

TLS security in Ecwid

By default, your Ecwid store and Instant Site are always launched with TLS technology.

You can verify the security of your store by inspecting store’s network sessions. To confirm checkout is secure, Ecwid shows a message on the checkout page:

SSL_certificates__2_.png

This means that if you are using an Instant Site, you do not need to take any extra actions to make your site and store run through a secure HTTPS connection.

Using a TLS certificate and running your site via a secure HTTPS connection helps to increase your online store’s credibility. Besides, many payment services require secure sites in order to support their payment gateway. For example, Apple Pay works only with HTTPS.

To make it obvious for the customers that your store is secure, you can add a McAfee SECURE Trustmark to your store with the help of McAfee SECURE app. This app adds the McAfee SECURE Trustmark to your store pages and scans your site for malware, viruses, and other malicious activity.

Providing TLS or SSL for your own site

In case you’ve added your Ecwid store to any other website apart from the Instant Site, you need to provide your site with an SSL or TLS certificate. The Ecwid store you embedded on site created on other platform will have an SSL certificate, but the certificate will cover only the store pages, and not all of your custom site.

Most domain registrars like GoDaddy, Bluehost, Namecheap, and so on will offer you to buy or enable an SSL certificate when you purchase a domain from them. The same goes for most popular site builders like Squarespace or Wix that already have SSL certificates included into their websites. You can easily check if your site is protected: open your site and see if the URL has a padlock icon near its name. If not, then you need to provide an SSL certificate.

Here’s your options for getting an SSL certificate depending on what site builder you use:

In case you use a custom site, here’s the list of services that offers SSL certificates:

Was this article helpful?

Awesome! Thanks for your feedback!

Thanks for your feedback!

Sorry about that! What went wrong?
6 out of 9 found this helpful
10
We use cookies and similar technologies to remember your preferences, measure effectiveness of our campaigns, and analyze depersonalized data to improve performance of our site. By choosing «Accept», you consent to the use of cookies.
Accept cookies Decline