How To Use Your GeoTrust SSL Certificate
Once your SSL certificate is installed and tested you'll want to put it to use.
Before we talk about how to use your new SSL certificate let's discuss when to use it. Should you secure all of your site or just parts of it? In most cases you'll only want to secure parts of your site. This is because SSL has processing overhead. Everything transmitted from the browser has to be encrypted and then decrypted once it reaches the server and back to your browser again. This encrypting and decrypting takes time and makes your site slower. This is why, in most cases, you really only want to secure parts of your site.
You, as your site's webmaster or developer, have complete control over which parts of your site are secure. What parts of your site should you secure? Anytime your site asks the user to enter sensitive information into a form, such as a credit card number or other personal information, you should secure the page with SSL. Any time your site responds by sending back sensitive information for display in the user's browser, you should secure the transmission with SSL.
Here's a typical SSL usage scenario. You have a web site that sells books. Users come to your site over a plain, unsecured HTTP connection. They look around, search for books, read book reviews, and along they way they add books they want to buy to their shopping cart. Now they're ready to checkout, so they click the Checkout Now! button. Everything from this point forward will be asking the user to login and give personal information that might include a
credit card number and other private information. It makes sense that the whole checkout procedure should be secured with SSL.
Now that we know when to use SSL, let's talk about how to use SSL. Your SSL certificate is installed on your web server and your web server will use the SSL certificate, its corresponding private key, and the SSL protocol to secure the connection between the server and the user's browser, but it's just waiting for the signal to do so. The signal for the web server to use SSL is an incoming request from a hyperlink of the form https://www.mysite.com/checkout.html. The S in HTTPS stands for secure. That S is a signal to the web server that it should start securing the connection.
Tip: once a secure session is invoked with an absolute HTTPS link, the subsequent requests and responses will remain secure, even if you use relative links, until you invoke an unsecured session using an absolute HTTP link (without the S). If you turn it on, it's up to you to turn it off.
So now we know that we have to use hyperlinks to tell the web server which parts of our site we want served secured. Hyperlinks are embedded HTML tags and they come in two flavors: absolute and relative.
This is an example of an absolute link:
<a href=https://www.mysite.com/checkout.html>Checkout Now!</a>
This is an example of a relative link:
<a href=checkout.html>Checkout Now!</a>
The thing to notice is that the absolute link includes the protocol (https), server, and resource to locate. In order to start an SSL session you must use an absolute link in your HTML code.