SSL certificates make HTTPS websites possible
SSL (Secure Sockets Layer) certificates allow a website to be served via the HTTPS protocol, wherein HTTP requests and responses are encrypted with Transport Layer Security (TLS). HTTPS is also known as HTTP Secure.
SCLS offers SSL certificate management services for libraries that require HTTPS websites. This service works best for libraries whose websites are also hosted by SCLS; we will implement a secure TLS service configuration for hosted sites.
Why HTTPS is important
When a visitor uses an HTTPS website, their request and any information communicated back and forth to the website (like username/password or other confidential content), are encrypted to protect it from being intercepted by someone else.
Which websites should use HTTPS?
Traditionally used by banks and ecommerce providers to protect financial and credit card information, HTTPS is becoming a best practice for websites of all types that require logins or enable communication via webform. Even when personal identity or login information is not being used, encryption still increases user privacy by ensuring that third parties cannot observe what information is being searched or retrieved. Because this strong privacy value enhances the freedom of information, all federal government websites will be HTTPS-only by the end of 2016 (more info).
Libraries wishing to provide optimal website security and maximize patron privacy may consider switching their websites to use HTTPS by adding an SSL certificate. For example, LINKcat and its fine payment website are both served as HTTPS.
HTTPS and older web browsers
Websites that are secured with modern TLS and strong encryption are not compatible with nonsecure software. Patrons with older browsers (such as Internet Explorer 8 or older) may be unable to access websites served as HTTPS. This is becoming rarer and may be avoided entirely by upgrading to the latest version of any major browser (Firefox, Chrome, Safari, Edge, etc.). On older computers where the latest Safari, IE or Edge versions cannot be installed, users should still be able to use current versions of Firefox, Chrome or Opera.
SCLS purchases SSL certificates from WiscNet. The type we recommend is the GeoTrust TrueBusiness ID for a 3 year term (to manage our staff time renewing certificates), unless specific needs merit Multi Domain or Wildcard certificates.
SSL certificates are purchased on behalf of member libraries that request them for their domain names. The library will be billed for the certificate price.
New certificate requests are solicited in April & October. Renewals are done in June & December.
New certificates may be requested any time for the upcoming purchase cycle by completing the SSL Certificate Request form.