If you’ve just started a website for your business, and searching for an SSL certificate to protect it, you might already have heard about the various types of certificates that are offered by certificate authorities (CAs). And you may also be baffled by the number of options that are available, wondering which one you should choose. We understand this problem, and don’t worry, we’ve got you covered. In this article we’ll tell you about 6 different types of SSL certificates and how should you choose one based on your requirements. Let’s begin:
SSL certificates: A brief introduction
Before we dive into the various types of SSL certificates, it’ll be better to take a quick look on what these certificates basically are. So, the role of SSL certificates is to help your visitors ensure that they’re visiting your official website and not a website that looks like yours but sends the information submitted on it to someone else (a popular hacking technique known as website phishing). They do this by tying the identity of your website (i.e. your domain name) with the identity of your organization. Once a certificate has been issued to your organization and you’ve installed it correctly on your server, it starts showing a green padlock near the URL of your website to prove to the visitors that they’re visiting your official website. Any website that tries to duplicate your site on a similar domain won’t have that padlock.
An SSL certificate also encrypts all user data before it’s transmitted to your server. This serves for protecting their data from packet sniffing attacks in which data packets of users are stolen to steal the important information like usernames and passwords from them.
That’s a brief explanation of what SSL certificates do. Now let’s take a look on what type of certificates are available in the market today.
#1. Domain Validation (DV) certificate
The first type of SSL certificates are Domain Validation certificates. These certificates are issued after verifying that the owner of certificate is same as the owner of domain. Certificate authorities only check for the contact details of a domain owner in the WHOIS records, send an email on the same email address and your identity is verified when you open the email and click the link included in it. Once your identity is verified, you’re issued the DV SSL certificate for your domain. The process to obtain this kind of certificate is simplest.
#2. Organization Validation (OV) certificate
The next in line are OV certificates that are issued after verifying the identity of your organization. Before a certificate of this category is issued the CA checks the legal as well as physical existence of your company by requesting you to provide the documents that establish the identity of your company. Only when you’ve submitted the necessary legal as well as physical presence documents of your company you’re issued an OV SSL certificate. The benefit of these checks is that your identity becomes more dependably linked with the identity of your site. Faking an OV certificate is much more difficult than a DV certificate, because the attacker will have to replicate the legal and physical presence of your organization in order to obtain a similar SSL certificate from a CA (which obviously can’t be done without your knowledge and permission).
#3. Extended Validation (EV) certificate
The third category of SSL certificates are EV SSL certificates. These are the most secure certificates you can obtain for your site, because they display the information of your company when someone clicks on the green padlock icon in their browser’s address bar. The process of obtaining these certificates is not more tedious than OV certificates, but they cost you a bit more because in these certificates the CA itself verifies all the documents related to the physical as well as legal existence of your company. Due to this reason these certificates cost a bit more than OV certificates, but they also offer best-in-class security that you won’t find in the certificates of other rest categories. That’s why they’re used by all major companies around the world.
SSL Certificates based on the number of domains they can protect
We described three main types of SSL certificates in the descriptions given above. Now, all these three types of certificates have been further classified into three other categories based on the number of domains that they can protect. We’re going to discuss that in brief detail in the sections given below:
- Single-domain SSL certificates: As the name suggests, these certificates protect only a single domain or one subdomain (which is usually the www version of your URL; thus limiting the protection to only one domain in practical sense). Nothing more than that. Due to this reason they also tend to be quite affordable across all CAs.
- Wildcard certificates: These certificates protect your root domain and all the subdomains that you create below it. However, you can’t protect any other domains that you use for various purposes or websites in your organization. These certificates are bit pricy than single-domain certificates.
- Multi-domain certificates: Finally, multi domain SSL certificates can protect all your root domains as well as subdomains that you may have in your organization. Needless to say that they can be the best choice from the perspective of scalability. However, everything comes at a price – multi domain SSL certificates cost more than both single-domain as well as wildcard certificates.
Wrapping up: Which type of SSL certificate you should choose?
The answer to this question depends on the age, structure and financial resources of your organization. If you’re just starting up, you can get started with a single-domain DV SSL certificate. If your organization is a little old but constrained in financial resources, you may still have to choose a DV certificate only. However, in other circumstances one should get at least an OV SSL certificate to protect their website and user data in a more robust manner. We suggest this because DV certificates offer only a bare minimum level of security in terms of authentication. What type of OV or EV SSL certificate you choose (i.e. single-domain, wildcard, multi-domain) can be decided based on the domains that you need to protect and will vary from organization to organization, but in our opinion the minimum you should have is an OV SSL certificate.
So that was a brief description of the six types of SSL certificates that you can get for your business. We hope we were able to explain each of these types to you in a proper manner. If you still have any questions about them, feel free to leave them in the comments and we’ll try to answer them. And if you’ve got all the answers, go ahead and purchase the right SSL certificate now!