An SSL certificate, or digital certificate, is a file installed on a secure web server that identifies a website. A digital certificate establishes the identity and authenticity of the company that runs a website so that visitors can trust that the website is secure and reliable. In order to verify that these sites are legitimate (that the owners are who they say they are), the companies and their websites are verified by a third-party certificate authority, such as IdenTrust or DigiCert.
Once the certificate authority establishes the legitimacy of an organization and that they run the associated website, it will issue an SSL certificate. The cost for a certificate varies, depending on the level of support provided — some certificates are issued for free, but many cost around $60-$100 per year (or more). This digital certificate is installed on the web server and will be viewable when a user visits the website. Sites with a valid certificate load using HTTPS, and display a padlock icon next to the URL in the address bar. To view the certificate, click the padlock icon.
Because digital certificates verify a company's current status, they do not last forever. Most SSL certificates expire after a year, with free certificates expiring after three months. If the certificate is not renewed in time, a site's visitors will see a warning in their web browser before the page loads, informing them that "This website's certificate has expired." While this does not necessarily mean the site is fraudulent, it does show that the site's administrators allowed their certificate to expire before renewing it.
NOTE: Even though they are called SSL certificates by certificate authorities and website administrators, they now use the TLS security protocol. TLS replaced SSL in 1998, and SSL was eventually deprecated in 2015.