A single domain SSL certificate secures one fully qualified domain name (FQDN) and automatically covers both the WWW and non-WWW versions of that name. For example, a certificate for example.com works for www.example.com too. Prices start at $7.66/yr, with options from Sectigo (formerly Comodo), DigiCert, GeoTrust, RapidSSL, Thawte, and GoGetSSL covering DV, OV, and EV validation levels.


What a Single Domain SSL Certificate Covers
Each certificate secures exactly one FQDN, with the WWW variant included automatically at no extra cost or configuration step. Buy a certificate for example.com and it works on both example.com and www.example.com out of the box, with no second name to specify at checkout.
What’s outside the scope: subdomains beyond WWW (such as shop.example.com or mail.example.com) and any unrelated domain. Each of those needs its own certificate.
A single-domain product can also secure a mail server FQDN, a specific hostname, or in some cases an IP address.
Validation Levels: DV, OV, and EV
All three validation levels use the same 256-bit AES encryption with 2048-bit RSA or ECC keys — they differ in how rigorously the Certificate Authority verifies your identity, not in how strongly your data is encrypted.
- Domain Validation (DV) confirms only that you control the domain. Verification runs through an automated check (typically email-based, with DNS record or HTTP file methods as alternatives), and most DV certificates issue in about 5 minutes. DV is the right pick for blogs and personal sites, plus simple small-business pages where the visitor needs HTTPS but does not need to see a verified company identity in the certificate details.
- Organization Validation (OV) adds a check on the business behind the domain. The CA verifies your organization’s legal registration and contact details against public records, then issues the certificate in 1–2 business days. Buyers viewing the certificate can see the verified company name. OV suits business websites, customer login screens, and any site where displaying a vetted identity matters.
- Extended Validation (EV) applies the strictest vetting in the CA/Browser Forum guidelines, covering both the organization’s legal registration and its operational and physical presence. Issuance takes 1–3 business days. The verified company name appears in the certificate details accessible through the browser padlock. Choose EV for e-commerce checkout flows and financial services, along with other transaction-heavy sites where the strongest visible identity signal carries weight.
Single Domain vs. Wildcard vs. Multi-Domain
Picking the right certificate type comes down to how many names and how many sites you need to cover.
- Single domain covers one address and its WWW form on the same site. Pick this when there are no subdomains to secure.
- Wildcard SSL certificate covers one domain plus an unlimited number of first-level subdomains under it. A certificate for *.example.com secures shop.example.com, blog.example.com, app.example.com, and any other first-level subdomain. Choose this when one site uses many subdomains.
- Multi-Domain (SAN) SSL certificate, also called a SAN or UCC certificate, lists multiple separate FQDNs on one certificate (for example example.com, example.net, and another-site.com). Multi-domain, SAN, and UCC are three names for the same product. Pick this when you run several sites or services and want one certificate to manage them all.
Who Should Buy a Single Domain SSL Certificate
A single-domain certificate is the right choice when you’re securing one website on one FQDN with no subdomain coverage requirement. A DV certificate from SSL Dragon starts at $7.66/yr, which makes the entry point realistic even for hobbyist sites.
- Personal sites and blogs — DV is enough, and the lowest-cost option in the catalog gets the padlock in place.
- Small business websites and login screens — OV adds a verified company identity to the certificate, useful for sites collecting form data.
- E-commerce and transaction-heavy sites — EV applies extended vetting and shows the verified organization name in the certificate details, giving the strongest identity signal at checkout.
Certificate Lifespan and Renewal in 2026
As of March 15, 2026, the maximum lifespan of a publicly trusted TLS certificate is 200 days under CA/Browser Forum Ballot SC-081v3. The cap drops to 100 days on March 15, 2027, then to 47 days on March 15, 2029.
Shorter lifespans mean more frequent renewals, so automating reissuance through the ACME protocol keeps a single-domain site running without manual reissue. SSL Dragon’s catalog still offers subscription terms from one to three years, which lock in the price across the full period. Each issued certificate respects the current 200-day cap, but reissuance within your subscription comes at no extra cost.
Why Buy a Single Domain SSL from SSL Dragon
Buying through SSL Dragon gives you brand range and transparent pricing, with a refund window long enough to swap if your needs change.

Multiple Certificate Authorities on one page
Pick from Sectigo (formerly Comodo), DigiCert, GeoTrust, RapidSSL, Thawte, or GoGetSSL without comparison-shopping across vendors.

Single-domain DV from $7.66/yr
The price point covers entry-level DV with full browser trust, with OV and EV available when validation depth matters.

25-day money-back guarantee
Tequest a refund within 25 days of purchase if the certificate does not fit your setup.

Free SSL Wizard
Answer a few questions and the tool narrows the catalog by domain count and validation level within your budget.
Frequently Asked Questions
Yes, automatically, with every standard single-domain certificate from Sectigo, DigiCert, GeoTrust, RapidSSL, and GoGetSSL. There is no “include both” checkbox at checkout and no need to specify the second name during the CSR generation.
Copy Link
Validation depth and issuance time are what differ. Encryption is identical at 256-bit AES across all three. DV issues in about 5 minutes after an automated domain check, OV in 1–2 business days after a business identity check, and EV in 1–3 business days after extended vetting.
Copy Link
No. Only the primary FQDN and its WWW counterpart are covered, so a separate hostname like mail.example.com falls outside scope. To secure all hosts under one parent domain in a single product, the Wildcard SSL certificate is the right fit. To put several distinct domains together on one certificate, look at the Multi-Domain (SAN) SSL certificate.
Copy Link
DV starts at $7.66/yr (Comodo PositiveSSL). OV starts at $37.33/yr (Comodo InstantSSL), and EV starts at $75/yr (Comodo PositiveSSL EV). Choosing a 2- or 3-year subscription term lowers the per-year cost while locking in the price for the full period.
Copy Link
Each issued certificate is valid for up to 200 days under the CA/Browser Forum rules in effect since March 15, 2026. SSL Dragon’s subscription terms (running from one to three years) cover the full purchase period regardless of how many reissuances the lifespan cap requires. Your price is locked even though each individual certificate respects the current 200-day limit.
Copy Link
Yes. A 25-day money-back guarantee applies to every single-domain certificate. The SSL Dragon support team can also help you reissue or switch to a different certificate type (for example, moving from single-domain to wildcard) before issuance if your needs change.
Copy Link
Don’t know what you need?
Use our SSL Wizard to select your options, and we’ll help you find the right SSL certificate.
Don’t know what you need?

