Maximum security with an SSL certificate

  • Better Google ranking
  • Easy installation
  • Now available
starting at
Secure SSL-connection
All data such as passwords, credit card numbers and contact details are sent encrypted.
Protect yourself with our SSL certificates
  • German security and
    data protection standards
  • Awarded to the
    Web hoster of the year
  • Our fantastic support,
    personal and competent

Our SSL Certificates

  • 1 Prices include 19% VAT (Germany)

When do I need a
SSL certificate?

SSL stands for "Secure Sockets Layer". By using an SSL certificate, the data that is transmitted to your computer, for example when a website is called up, is encrypted.

As soon as you collect information from your customers on your website, e.g. via a contact form or within a shop system, you are obliged according to DSGVO to transmit this data in encrypted form.

Better Google
Positions with SSL
Your competitor
Not secure
Your competitor
Not secure
Your company name

Will find better with an SSL certificate

Already in August 2010 Google announced that SSL encrypted pages can achieve a better ranking in the search results.
  • Positive ranking factor on Google
  • Better visibility in search results
  • More visitors and customers on Google

Easy setup

In our intuitive customer area you can easily assign the SSL certificate to your domain with a click. The domain is secured immediately, your pages are immediately accessible via HTTPS protocol.
Assign a domain SSL Simply connect a domain that you want to protect with our SSL certificate.
Domain successfully connected It's so easy, from now on your domain is protected against attacks from outside.

6 good reasons for
our SSL certificates

After order
immediately available!
We take care of the technical setup in the background. Your pages are encrypted immediately after activation of the SSL certificate.
An SSL certificate tells your visitors that you care about their privacy needs.
Google prefers
SSL-encrypted pages
For Google, privacy is a high priority, so Google prefers to display encrypted pages in search results.
Excellent to
Webhoster 2018
Once again we were voted Hoster of the Year in the category "Domains" by our customers this year
Highest security
according to ISO/IEC 27001
Our data center meets the highest safety standards. The certificate confirms adequate safety management and high availability of all IT systems.
expert support
If you need support it? We are happy to help. Our trademark: The fantastic support - personally, individually and competently.
Maximum security with
an SSL certificate

What is an SSL certificate?

Thanks to the Internet, it's easy to get your shopping, banking and even a growing number of administrative tasks done online. However, this entails two major risks: the Internet is completely anonymous and data traffic can be intercepted. An extendable qualified SSL certificate, which can be issued for one or more years, helps resolve this issue by identifying your business partner and simultaneously encrypting the transmitted data. What is an SSL certificate, how does it work - and what do I need it for? The internet is continually gaining ground, and with it the endless possibilities that it generates. Virtual shops, auction houses, casinos and financial institutions are already the norm, private individuals can submit their tax declarations digitally (while more and more companies are even obliged to do so by law), and an electronic commercial register is being implemented. The days of the World Wide Web as little more than a giant reference book for facts or a purely military communication tool during the Cold War are long gone. Nowadays, the internet is where most of the dealings of our everyday life take place - and among them, many dealings of a more delicate nature. In some areas, confidentiality is crucial. When using an ATM, for instance, you wouldn't appreciate someone looking over your shoulder or, even worse, stealing your PIN number. No one would even dream of displaying their income tax on the bulletin board of the tax office. When buying books or CDs, we expect no one but the seller to receive payment - it would be unacceptable for anyone else to wrongfully gain access to our hard-earned money. In real life, a certain amount of care, common sense and caution (as well as an adequate dose of mistrust) seems to do the trick when trying to avoid the aforementioned inconveniences. But what about the digital, boundless and moreover completely anonymous internet? It is almost a given for people to take on fake identities and tell fantastical stories about their life and achievements in chat rooms. Organized scammers lure unsuspecting clients onto deceptively real-looking (but sadly fake) websites in order to gain access to their PIN and TAN numbers, leaving behind little more than an empty bank account. Anyone who connects their computer to a wireless network is handed whatever data is being sent on a silver platter. The radio signals are, so to speak, in plain sight: unencrypted, publicly emitted like binary morse signals, not unlike a radio broadcast for all to enjoy. An invitation to identity theft if ever there was one. Does it have to be this way? No. The first step toward data security was the introduction of the "HyperText Transfer Protocol Secure" in 1994. The user will recognize it from the address bar of their browser: the name of the domain or the website is no longer preceded by "http", but rather by "https", often combined with a symbolic padlock or highlighted in a noticeable color, depending on its origin. Because the necessary protocols have been pre-built into the browser software, HTTPS works on practically every web-enabled computer. It functions in two ways: first, it encrypts the data which needs to be transmitted into 128 or 256-bit blocks without the need for additional computer software. Second, it checks whether the partner in question is actually who they claim to be. This authentication makes it extremely difficult for phishing attacks to occur, as it redirects them to recreated websites. Consequently, financial institutes ensure that any online banking transactions are strictly processed via an HTTPS server. Auction houses rely on it for the user's registration, at the very least, although they transmit transaction data without any added encoding in order to increase computer speed. Other shops leave it up to the user to log in via the encrypted HTTPS or the unencrypted HTTP. When connecting via an HTTPS server, SSL is added into the mix - the "Secure Sockets Layer". In simple terms, the first thing that happens is the overlap of a second connection called "SSL Record Protocol" over the existing connection. This protocol (which, as its name implies, is purely there for recording purposes) ensures the encoding between both computers and checks whether the data entered on one side exits the other side unaltered. In order to achieve this, it calculates check digits from the transmitted data in regular intervals, adds them and adjusts them on both sides of the connection. Before the first data is exchanged, the "SSL Handshake Protocol" (manifestly named for the customary handshake at greetings) transmits the personal identification data of the parties involved and negotiates both the fragmenting as well as the encoding process to be used during the connection. In other words, both computers agree on the code and the uniform size of the data packets destined for transmission. From now on, there is a flow of encoded snippets of information through symmetrical algorithms (i. e. sender and receiver use one and the same approach for encoding and decoding). These snippets are decoded, assembled and made legible to the user by the receiving computer. The SSL certificate makes an appearance during this "handshake". It's a sort of digital ID card issued by a certificate authority or "CA" which allocates a public signature verification key to a specific person or organization. The CA certifies this allocation by giving it its own digital signature. In other words: if someone uses a certain code on the internet, it is possible to deduce and confirm who they are based on its composition. Whether such an identification is enough, and whether a digital signature can be recognized as a confirmation of the declaration of intent in legal dealings, is a substantial issue. Since the internet isn't supposed to be a legal vacuum, this is of great significance from a legal perspective. Because of this, in the Federal Republic of Germany, the so-called "Signaturgesetz" from 2001, along with the "Signaturverordnung", governs any matters of SSL certificates and digital signatures. The Federal Network Agency, or "Bundesnetzagentur", is the regulatory agency and principal certificate authority, which in turn has designated further accredited certificate authorities. These are nationally verified and provided with quality marks - most notably bar associations and associations of notaries, tax accountants and auditors. However, companies organized under private law, such as the Deutsche Telekom, Deutsche Post and DATEV, have also been granted approval. In order to become established as a private certificate authority ("Zertifizierungsanbieter"), a company must declare the launch of their business to the Federal Network Agency - no further permits are necessary. Proof of their required reliability and specialist knowledge must be provided, though, and a liability insurance with a limit of at least 250,000 euros per claim must also be taken out. Furthermore, a comprehensive concept must document the planning and full implementation of any necessary safety precautions (against hacking of a database or falsification of a certificate, to name but a few). Included in these are not only the technical, structural and organizational measures taken, but also the software and hardware put to use (along with the clearance certificates of their manufacturers), the implementation and execution of the certification procedure, emergency plans, and reliability checks of the employees (through examination of their certificates of conduct or the like). Such a provider may issue electronic certificates which confirm the identity of a natural or legal person by means of an unambiguous signature verification key allocated to them. In the case of a qualified certificate, things go one step further: it constitutes the highest and uniformly accepted form of identification in a business transaction and refers only to natural persons. This approach resembles that of a notarial certification in a way. In order for such a certificate to be issued, the applicant must be identified without any doubt through their ID card or passport, if need be through their birth certificate. This SSL certificate can use a pseudonym in lieu of a name, contain additional personal or professional information and refer to the power of representation by a third party - data which must be confirmed on the basis of suitable records and attestations, checked by the provider and is naturally subject to data protection law. The applicant must be given written instructions concerning the fact that their electronic signature has the same consequences as their genuine signature in legal dealings. The same applies to comprehensive information about storage and use of the digital signature; correct conduct in the case of loss or presumed misuse; pertinent safety precautions when generating or checking a signature; possible restrictions to the qualified certificate depending on type and scale; the necessity for a renewed signature after time has elapsed; the presence of voluntary accreditation systems (see below); opportunities for complaints and arbitration; as well as the approach and procedure involved in the cancellation of a certificate, submitted with a telephone number. These instructions must be signed by the applicant. Hereafter, the applicant receives a data carrier with a personal digital signature - its receipt must also be recorded in writing. Qualified certificates are valid for a maximum of up to two years, while SSL certificates are consistently valid for one year. Each has its own consecutive number, confirms the allocation of the signature verification key to the identified person, names the applied algorithm, and provides information about the exact validity and possible restrictions to its use, as well as the name and country of establishment of the certificate authority in question. The provider must make the certificate available and verifiable to the owner (online and around the clock), if requested - thereby, the desired identification and encoding on the World Wide Web has been achieved. However, the provider's responsibility does not end once the certificate has been made available. In fact, the provider must document the data and the authenticity of the certificates at all time, verifiably and immutably. This also applies to their business procedures: they are obliged to manage an archive which not only documents basic things like their security concept, certificates of conduct of their employees and contractual agreements (general terms and conditions) with applicants, but also any essential information about each and every certificate. This includes a copy of the personal ID; the pseudonym; proof of receipt of instructions as well as of the data carrier; all written agreements and confirmations referring to additional information concerning the qualified certificate; the issued certificate along with any relevant information about it; a possible cancellation; and, finally, possible information transmitted to the authorities according to data protection law. The entirety of this information must be stored for another two years after certificates are no longer valid. If the provider discontinues their business, they must ensure acquisition of the certificates by another provider; failing to do so, they must be canceled.
What is a SSL certificate, how it works - and why do we need it?
Das Internet wächst stetig und mit ihm die beinahe grenzenlosen Möglichkeiten, die es bietet.Virtuelle Shops, Auktionshäuser, Spielcasinos und Geldinstitute sind inzwischen bereits Routine, Privatpersonen können ihre Steuererklärungen in digitaler Form abgeben (Unternehmen werden vom Gesetzgeber zunehmend dazu verpflichtet), das elektronische Handelsregister ist in der Umsetzung - die Zeiten, in denen das WorldWideWeb lediglich eine Art riesiges Nachschlagewerk für Informationen und eine rein militärische Kommunikationsplattform des Kalten Krieges war, sind längst vorbei. Stattdessen übernimmt es zusehends die Geschäfte des Alltags. Darunter auch solche delikater Natur.

Es gibt Bereiche, in denen Vertraulichkeit oberstes Gebot ist. Wer beispielsweise am Geldautomaten seine Bankgeschäfte tätigt, möchte nicht, dass ihm jemand über die Schulter schaut oder gar die Geheimnummer stibitzt. Niemand käme auf den Gedanken, seine Einkommensteuer am Schwarzen Brett des Finanzamts zu veröffentlichen. Wer irgendwo Bücher oder CDs erwirbt, möchte sichergehen, dass allein der Verkäufer das Entgelt bekommt - und niemand anders unrechtmäßig die bezahlten Euro abzweigt. Im realen Leben lässt sich das alles mit entsprechender Sorgfalt, gesundem Menschenverstand und angemessenem latenten Misstrauen einigermaßen problemlos bewerkstelligen.

Doch was ist mit dem digitalen, uferlosen, dazu noch vollkommen anonymen Internet? In Chaträumen nehmen die Personen wie selbstverständlich andere Identitäten an und erzählen fantastische Lebensgeschichten. Organisierte Betrüger locken ahnungslose Bankkunden auf täuschend echt gemachte, nur leider gefälschte Webseiten und versuchen so, an die PINs und TANs des Nutzers zu kommen, um mit ihnen sein Girokonto leer zu räumen. Drahtlose Netzwerke, sogenannte Wireless-LAN, offenbaren jedem, der einen eigenen Computer dazwischenhält, was gesendet wird - die Funksignale sind durchweg im Klartext, also unverschlüsselt, werden wie binäre Morsezeichen weithin hörbar wie eine Rundfunksendung öffentlich ausgestrahlt und laden zum Raub der Identität förmlich ein.
Does it have to be like this?
No. The first step towards data security was the introduction of "HyperText Transfer" in 1994. Protocol Secure". The user recognizes it in the address line of his browser window: there the domain or the entered website name is no longer preceded by "http", but by "https", Depending on the manufacturer, usually combined with a symbolic padlock or with a with a striking color. HTTPS works - because the necessary protocols in the browser software are already installed at the factory - on practically all Internet-enabled computers and does two things: it usually encrypts the data to be transmitted at 128- or 256-bit level, without the need for additional software on the computer, and checks whether the partner is actually the one he pretends to be. This "authentication" makes it difficult to Phishing attacks by redirecting to reconstructed websites are of course uncommon.

Consequently, just financial institutions rigorously wrap the whole Internet banking traffic HTTPS server, auction houses at least the registration of the user, while the transaction data to increase the calculation speed without coded additional measures can be transmitted. Other shops, on the other hand, leave it to the user to decide whether he wants to encrypted over HTTPS or unencrypted over HTTP.

SSL comes into play when connecting via HTTPS server. SSL stands for "Secure Sockets Layer". and can be reasonably translated as "Safe Connection Layer". Simplified representation the following happens: a second connection named "SSL Record Protocol". This pure recording protocol provides the encryption between both computers and checks whether the data that is entered on one side is exactly on the other hand, by regularly leaving the sent data, the data, add the check digits and compare the value at both ends of the connection.

Before the first data is exchanged, the "SSL Handshake Protocol" (named after the handshake to greet) transmits the personal identification data of the participants and negotiates both the fragmentation and encryption method to be used during the connection. In other words: both computers agree on the code and the uniform size of the data packets to be transmitted. From now on, coded bits of information flow through symmetrical algorithms (i. e. sender and receiver use one and the same procedure for encrypting and decrypting), which the receiving computer decodes, assembles and makes readable for the user.

Handshake" is where the SSL certificate appears. It is a kind of digital identity card issued by a Certificate Authority (CA) and a publicly accessible Signature verification key of a specific person, or organization is assigned. This assignment is made by the certification/registration body by adding its digital signature to the certificate as well. In other words, if someone uses a certain code on the Internet, then can be clearly deduced from the composition and confirmed who he is.

Since the question of whether such identification is sufficient and whether a digital signature is appropriate in legal transactions to the confirmation of the declaration of intention is to be recognized, also from of extraordinary importance from a legal point of view - after all, the Internet is not intended to be a "Rechtsfrei Raum" - regulates in the Federal Republic of Germany the following the Signature Act of 2001 together with the Signature Ordinance all questions concerning SSL certificates and digital signatures.

The regulatory authority and supreme certification body is the Federal Network Agency, which for its part already further accredited (thus state examined and with quality mark certification bodies - mainly the chambers of lawyers, notaries, tax advisors and auditors, but also private law Companies such as Deutsche Telekom, Deutsche Post and DATEV were granted approval.

If you want to establish yourself on the market as a private "certification service provider" - as the correct term suggests - you have to start your business with the Federal Network Agency, but otherwise does not require any further permits. However, he must prove that he possesses the necessary reliability and expertise, also a liability insurance with a coverage of at least 250,000 euros per claim.

In addition, a comprehensive concept must document that it has taken the necessary security measures, for example against unauthorised access to the databases or against unauthorised access to the data, and that it has taken the necessary steps to ensure that the data is protected against unauthorised access.
How do I recognize SSL secured connections?

The certificate authority Let's Encrypt, which is mainly funded by the Mozilla Foundation, Google and Cisco, aims to make encrypted HTTPS connections the norm by offering free certificates. In the long run, this could lead to an increase in security and data protection on the internet.

In cooperation with this certificate authority (CA), we try do our part in securing the internet and sharing the benefits with our customers through our services - 100% free.

SSL certificates can be procured in a number of ways. One option is to get the certificate directly from a provider, i. e. a certificate authority. It is however easier and more convenient to order it from a web hosting provider. If, for instance, you choose checkdomain, you can order your certificate directly from the website - even if you are not a checkdomain customer (yet).

Our support team is ready to guide you through all the steps involved, be it technical requirements or necessary details. The required proofs or documents, ranging from a simple email confirmation to a copy of the trade register excerpt or the business registration, depend on the selected certificate.

Important: web hosts should ensure that they make a professional impression by opting for an SSL certificate from a trusted and well-known certificate authority such as Comodo. So-Called "self-signed certificates" which are offered for free do little to increase the user's trust.

The certificate is installed on the respective server which hosts the domain connected to the certificate. When a customer with a checkdomain hosting plan orders an SSL certificate, we take care of its installation - so you can sit back and relax. Concerning external certificates, i.e. ones ordered directly from a provider, please get in touch with your server administrator or web host beforehand.

When ordering an SSL certificate, it is important to check whether the company records correspond to the records for the domain owner at the relevant domain registrar for the domain in question. A WHOIS request is helpful to clarify whether the provided details are correct.

Depending on the certificate, the period of validity can last from 90 days up to 2 years. The option of an automatic renewal is always included. A crucial point for the trustworthiness of a website is the validity of its SSL certificate. If the certificate is expired, the user will be shown a safety notice - this could deter potential customers.

Wir helfen Ihnen gerne weiter

„Hallo, mein Name ist Matthias Franke! Zusammen mit meinem Team sorgen wir für einen Fantastic Support der von unseren Kunden geschätzt und geliebt wird.“

Free consulting from the team +49 (0) 451 / 70 99 70
Other products you might be interested in
Website Builder
Create your own website without any programming knowledge.
Create a Website
Concentrate fully on your project! Performance and security included.
Optimize your Web site and achieve top rankings.
Website optimization
Domain search
There are approximately 800 domain extensions from around the world available.
Domain name search now