Are you in a process of creating your own webpage or do you already have one or two? Then, you might be asking yourself, “Why should I use an SSL/TLS protocol rather than HTTP on my webpage?” You probably care about your visitors’ personal data. You know, that simple HTTP protocol cannot protect them from bad guys sniffing the traffic. But your blog does not collect any user input, like login data or credit card information. What purpose would the encryption of your website serve then? Let’s have a look at what the different types of SSL certificates are used for.
Apart from protection of sensitive data, there are other reasons for implementing encryption of your website. From one point of view, you make your site more trustworthy, since modern browsers mark non-encrypted pages as unsafe. This may harm your reputation. Also, another important purpose of such encryption is prevention from spoofing. TLS certificate provides verification of identity of the web server hosting your page, as well as your company. This is done by a trusted organization called Certificate Authority which is the issuer of the certificate.
Based on your use case, these are the different types of SSL certificates to choose from:
Domain Validation Certificates (DV SSL)
You can obtain this type of certificate in minutes, while the price is very attractive. The only thing you need is to prove the ownership of the domain in question. The drawback of this type of certificate is the lack of proof for legitimacy of the organization owning the domain. Thus, is it recommended for test domains and internal websites, as well as websites that do not require user data, for example blogs.
Organization Validation Certificates (OV SSL)
Except for the domain validation, this type of certificate validates the organization as a legally registered business. You can obtain it in a few days. It is not intended for individuals.
Extended Validation Certificates (EV SSL)
The certificate you are looking for when you want to secure your business website, though it is the most expensive option. It provides your website with a green bar with the name of your organization next to the HTTPS padlock icon. According to some sources, research suggests that visitors of your website would have greater trust in it, and would be more likely to provide their personal information (financial, registration, or other). To obtain this type of certificate you have to fulfill the requirements of the OV certificate, and your organization has to pass a stricter examination by a human specialist. You can get one in a few days.
Other Types of SSL Certificates
If you own a more complex website, or you would like to secure more of your websites at once, there are some additional options out there for a favorable price for you:
- Wildcard SSL Certificate – this type of certificate lets you secure all you subdomains (an example would be *.website.com, where the asterisk is substituted for a string, e.g. www, mail, etc.). You can get it as DV or OV.
- Multi-Domain (MDC) / Subject Alternative Names (SAN) SSL Certificate – available in all three categories, this single certificate can secure all your domains (up to 250) including subdomains.
- Unified Communications SSL Certificate (UCC) – this certificate can secure up to 100 domains. It was originally designed for Microsoft Exchange and Microsoft Office Communication Server, and it provides the EV type certification.
There is one disadvantage though. If one of your subdomains is compromised, revocation of the certificate will affect all your domains it secures.