SSL certificates explained: what you need, what you don't
Free SSL is now the default everywhere. Here's what an SSL certificate actually does, when paid certs make sense, and how to spot fake urgency.
What an SSL certificate does
An SSL (or more accurately, TLS) certificate encrypts the connection between a browser and your server. It proves your domain is what it says it is and lets your site use HTTPS — required for SEO, browser trust indicators, and any login flow.
Since 2018, Let's Encrypt has made SSL free and automatic. Most hosts now provision and renew certificates without you noticing.
Free vs paid certificates
A free Let's Encrypt certificate provides the same encryption strength as a $200 certificate. The padlock looks identical. For 99% of sites — including ecommerce — free is genuinely fine.
Paid certificates add a warranty (rarely useful) and, in the case of EV certificates, a vetting process. Browsers used to show a green address bar for EV — they no longer do, which gutted the main reason to buy one.
When you actually need a paid cert
Wildcard certificates (*.example.com) are common in paid form, though Let's Encrypt offers them too with DNS verification.
Specific compliance regimes (banking, government procurement) sometimes mandate a named CA. Outside those cases, the upsell is largely fear-based.
Questions readers ask about this topic
Is Let's Encrypt secure?
Why do some hosts charge for SSL?
Will my site break without SSL?
Where to go next on Hostilo
One email a month. Hosting deals, new reviews, no fluff.
How to choose web hosting in 2026
A calm, decision-first framework for picking hosting without falling for marketing claims or coupon-site noise.
Shared vs VPS vs cloud hosting, explained simply
The plain-language version of the comparison most articles overcomplicate — with practical recommendations by site type.