In our earlier guide, we learned basic, yet important things about SSL certificates.
In this guide, you will learn about different types of SSL certificates. Knowing this will help you to get the right SSL certificate for your blog, website, or organization.
The foremost thing that you need to keep in mind is:
- SSL certificates are all about trust.
Useful SSL Related Terms To Know:
- SSL: Secured Sockets Layer
- CA: Certificate Authority
- DV: Domain Validation
- OV: Organization Validation
- EV: Extended Validation
- CSR: Certificate Signing Request
There are several types of SSL certificates. They can be grouped based on:
- Validation level
- Number of secured domains/subdomains
Types of SSL certificates based on validation level
For this type of SSL certificate, domain validation is done using email or adding a DNS record.
In simple words, you need to validate your ownership of the domain name.
This kind of certificate can be obtained in a few minutes (or occasionally a few hours). This is ideal for those who don’t have an organization & no extra security is needed.
It’s the cheapest kind of SSL certificate and is recommended where security is not the most vital factor (i.e blogs).
- Obtained in a maximum of a few hours
- Best for blogs and other non-sensitive websites
This is the minimum certificate suggested for e-commerce portals.
The Certificate Authority (CA) validates domain ownership & other information through the use of public databases.
The major difference between DV & OV is the company validation is done by the Certificate Authority. It’s not as extensive as EV (detailed below), but potentially better than DV.
- Requires 2-3 business days to activate
- No clear advantage over DV certificates
- Minimum for e-commerce portals
This type of certificate is highly recommended for any website where a transaction is happening.
Obtaining the DV & OC certificates are easy, whereas EV certificates require a strict authentication process.
This type of certificate displays the organization the certificate was issued to in the browser.
Most banking, finance, and e-commerce site use EV certificates as it offers the most popular green HTTPS address bar.
You can read the Extended Validation SSL certificate guidelines here.
- Takes about 7-10 days to activate
- Recommended for organizations looking to have the popular green HTTPS address bar
Types of SSL certificates based on secured domains
This is going to be an important decision for anyone who is planning to buy an SSL certificate.
Apart from the above three, you also need to pick the certificate type based on domains & subdomains you have.
Let’s quickly look at the different types of SSL certificates based on supported hostnames.
Single Name SSL Certificate
Only a single hostname is secured with this SSL type.
For example, if you buy a certificate for domain.com, it will not secure docs.domain.com or shop.domain.com.
Note: A Single Name SSL Certificate can also be used to secure only a sub-domain.
Ex: You can secure shop.domain.com and not domain.com.
Wildcard SSL Certificate
This one secures unlimited sub-domains for a single domain.
For example: Purchasing a Wildcard SSL certificate for shoutmeloud.com will also allow me to secure:
- and so on…
However, it will not secure abc.pro.shoutmeloud.com.
Multi-domain SSL Certificate
A multi-domain SSL certificate supports all different domains & subdomains.
This is highly recommended for those who have multiple domains & subdomains.
Unified Communications Certificate (UCC)
While doing the research for this article, I got to know more about this type of certificate.
UCCs allow customers to protect up to 100 domains using the same certificate.
Unified Communications Certificates are specifically designed to secure Microsoft® Exchange and Office communications environments.
Remember: Using one certificate for multiple domains doesn’t affect you in any way.
Popular websites to buy an SSL certificate:
- Geotrust: Certificate Authority
- Let’s encrypt: Certificate Authority (Free domain-validated certificates)
- CheapSSL Security
In the upcoming days, we will learn even more about SSL certificates. So stay tuned!