SSL certificates are a core element of website building. Along with getting a domain name and a reliable hosting provider, installing an SSL certificate is a priority for anyone who wants to build a successful website. Today, Chrome and Firefox, one of the most popular browsers, flag unencrypted sites as not secure. To visitors, this means off-putting security warning the moment they enter a site without SSL.
With so many different sites across thousands of niches, it’s not feasible to protect them all with one standardized certificate. A universal, best SSL certificate is a myth. Each site has a specific budget and distinct security requirements; that’s why various types of SSL exist.
Certificate Authorities, the entities that issue SSL certificates try to accommodate every kind of site from small blogs to massive e-commerce platforms. For this reason, you see a big difference in prices and features across SSL brands and products.
Choosing the right SSL certificate for your project and budget may be a bit overwhelming if you’re doing it for the first time, but fear not. This article will walk you through each type of SSL, so you know exactly what certificate to buy for your website.
We’ll start with validation classification. When you apply for an SSL cert, the Certificate Authority needs to verify and validate your request before issuing the cert. For a basic website that doesn’t collect sensitive information proving domain ownership is enough. However, an e-store or a financial institution that processes online payments need a stronger indicator of trust, specifically Business or Extended Validation. In total, three SSL validation types exist, all suited to different websites.
Domain Validation SSL Certificates
Domain Validation (DV) certs are perfect for basic websites, small blogs, online portfolios, informational sites, photography sites, and small businesses. A DV certificate is an affordable entry-level product anyone who owns a website can request. The waiting time is usually up to five minutes.
DV certs offer the same encryption as any other type, but a low level of customer trust. Since they verify domain ownership only, anyone, including scammers can get DV certificates. As a rule of thumb, if you’re an official business processing payments online, DV certificates aren’t viable to you.
Business Validation SSL Certificates
Business Validation (BV) certs are ideal for e-commerce shops, medium size companies, startups, and NGOs. A BV certificate validates the identity of official businesses. It also helps websites comply with the strict PCI (Payment Card Industry) guidelines. If you accept credit card payments, a BV certificate is a must.
You can get a BV certificate in two to three business days providing all your documentation is correct and up to date. Upon inspecting your SSL certificates, visitors will know for sure you’re a genuine company operating in good faith.
Extended Validation SSL Certificates
Extended Validation (EV) certificates offer the highest level of customer trust, the highest SSL warranty, and exclusive protection against phishing attacks. Their main feature used to be the green address bar with the official company name next to the URL. And, while Chrome 77 update removed this indicator from the address bar, EV info is still available upon certificate inspection for any official company seeking to boost customer trust. EV SSL is widely employed on large e-commerce sites, financial institutions, and enterprises.
Now that we’ve analyzed the SSL validation types, let’s look at what can SSL certificates secure.
Single-domain certificates are the most popular products and their name is self-explanatory. They protect just one domain name and support all the validation types. You can’t use them on multiple domains or subdomains.
If you serve content via subdomains, you have no choice but to install a wildcard certificate. It will encrypt your main domain along with unlimited subdomains. Best of all, you can add more subdomains whenever you want and then reissue the certificate to activate them. Wildcard certificates come with Domain and Business validation only. Due to security reasons, Extended Validation wildcard certs don’t exist.
Sometimes you need to encrypt more than just one website. Here’s where multi-domain certificates come to the rescue. Also called SAN (Subject Alternative Name) or UCC (Unified Communication Certificate) SSL certificates, these products can secure up to 250 domains under a single SSL installation.
Most multi-domain certs protect 3 or 4 domains by default and additional SANs on request. With a single multi-domain certificate, you can secure different domains, different subdomains, and various domains and subdomains. But there’s more, a special multi-domain wildcard certificate allows you to encrypt all your subdomains and multiple domains, providing you with the ultimate flexibility. Multi-domain certificates support all three SSL validation types.
Public IP Address
Did you know that you can install an SSL certificate on your server without a domain name? If you’re an official company and need to secure a public IP address, special Domain and Business Validation certificates can do that. While encrypting private IP addresses is not possible, Certificate Authorities allow companies to protect a public IP. Extended Validation certificates can’t encrypt an IP address.
As you can see, there’s a certificate type for any situation and budget. From the smallest sites to the most complex web infrastructures, everyone has a slice of high-end encryption and extra features suitable for specific projects. And, if you still don’t know what certificate to buy, our SSL Wizard will recommend you the best options in no time.