HTTPS is a protocol for securely communication over networks. It's recommended best security practice to use it on all sites nowadays, especially when dealing with logins, e-commerce, or similarly vulnerable data transactions.
An SSL certificate also seals the ownership of a webpage and the responsible instances for the domain that utilizes the SSL certificate.
SSL adds both security and authenticity to your website or web application.
- Let's Encrypt - Free SSL/TLS certificates (a US-based certification authority).
- Certbot - Automatically enable HTTPS on hosts with console access to your website with EFF's Certbot, deploying Let's Encrypt certificates.
- SSL Server Test - An online tool to test SSL on webservers.
- Pentest Cheatsheet - Penetration tester's checklist for SSL.