Choosing an SSL Certificate: Made Easy

Written by: Ryan Frankel

Ryan Frankel

Ryan began developing websites in the late '90s and has personally tested just about every web host and cloud platform worth trying on the market today. With a masters degree in electrical and computer engineering from the University of Florida, he leverages his extensive knowledge of hardware, software, and their engineering relationship to inform HostingAdvice readers of the technical implications of their hosting choices. Ryan's subject matter expertise includes, but is not limited to, WordPress, cloud infrastructure management, product UI/UX design, and popular web development languages such as JavaScript and PHP.

See full bio »

Edited by: Lillian Castro

Lillian Castro

Lillian brings more than 30 years of editing and journalism experience to our team. She has written and edited for major news organizations, including The Atlanta Journal-Constitution and the New York Times, and she previously served as an adjunct instructor at the University of Florida. Today, she edits HostingAdvice content for clarity, accuracy, and reader engagement.

See full bio »

When you need to get an SSL certificate for your website, the seemingly endless number of options available can be daunting. Since SSL certificates are web security products, there a wide variety of options to choose from, because Certification Authorities (CAs) want to ensure that end users get a certificate (cert) that perfectly fits their unique needs and will secure their website with the highest possible level of encryption, while also injecting trust into their site.

An Overview of the Basic Types of SSL Certificates Available
Certificate Type Types of Sites Features
Extended Validation (EV) * eCommerce
* Sites collecting personal info
* Sites where user trust is paramount
* 2048-bit encryption
* Green Bar to provide top-of-the-line trustworthiness
* The type used by web giants like Twitter, banks, etc.
* Issued in 3-5 days
Organization Validation (OV) * eCommerce
* Sites collecting personal info
* Verified that the site is a registered government entity
* 128-, 256-, or 2048-bit encryption
* Issued in about 24 hours
Domain Validation (DV) * Testing Sites
* Internal Sites
* Non-eCommerce Sites
* Very affordable
* Issued almost immediately

The Basic Value of SSL Certificates

For starters, there are certain features that all SSL certificates offer.

Encryption

Obviously, all SSL certificates will encrypt data that is sent from a customer’s browser to a company’s server.

Encryption ranges anywhere from 128-bit to the recommended 256-bit. In today’s increasingly treacherous online world, the higher the encryption, the better.

Trust Indicators

Additionally, SSL certificates activate a number of trust indicators on a website, like “https” next to the domain name, with the “s” standing for “secure,” a padlock icon in the browser bar, and site seals to verify that a business has been vetted by a third-party security company.

The Green Bar with EV Certificates

With Extended Validation (EV) SSL certificates, the famous “Green Address Bar” is activated, which turns the URL section green to simply convey that green means go thought that is instinctive, regardless of what language you speak.

The Different Types of SSL Certificates

To truly understand, however, what type of SSL certificate would be best for your website, it’s important to understand what types of SSL certificates are available. SSL certificates can basically be boiled down to five options:

1. Extended Validation (EV) Certificates

These are the premier SSL certificates. While SSL certificates are first and foremost security products designed to encrypt data sent from a browser to a web server, EV certificates take it a step further. In addition to top-of-the-line, industry-standard, 2048-bit encryption, EV certificates come with the green address bar – a recognized symbol of trust on the Internet.

This is the same trust imagery utilized by the most popular sites in the world, like PayPal, Twitter, and Bank of America, to just name a few. These certificates are recommended for everyone, since they offer the most bang for your buck, but they are absolutely necessary for any eCommerce website – where capturing the trust of your visitors is crucial to online conversion and profitability.

Since these certificates are the best of the best when it comes to SSL, the validation process performed directly by the Certification Authority (CA) typically takes between 3-5 business days to successfully complete before the certificate is issued.

2. Organization Validated (OV) Certificates

These certificates activate a number of browser trust indicators, but do not come with the green address bar.

Organization Validated (OV) SSL certificates do as the name suggests– validate that your organization or company is legitimate and recognized by a government entity; however, this validation process doesn’t take quite as long as that of EV certificates. OV certificate issuance is typically completed within 1-3 business days.

OV certificates are great for businesses that can’t quite fit an EV option into their budget, but still want to assure their online customers that they are a real company and safe for business transactions. In this day and age of fraudulent websites and identity breaches, consumers are learning more and more to be cautious on the Web. Therefore, websites that are thoroughly vetted by a third-party security company have a leg up on the competition.

These certificates are especially important for eCommerce websites, if an EV certificate is unattainable for whatever reason. You simply can’t place a price on earning the trust of your site visitors, and EV and OV certificates are a great way to start.

3. Domain Validated (DV) Certificates

These certificates offer industry-standard encryption and not much else. In addition to encrypting data, a big benefit of a Domain Validated (DV) certificate is that it can be issued in mere minutes, as a Certificate Authority (CA) only has to validate that you own the domain you wish to secure.

DV certificates are also the most affordable option on the market.

Since these are relatively low-cost certificates that are easy to obtain and quick to issue, they’re an ideal fit for testing websites, along with other internal sites. We recommend DV certificates for internal use only, because they don’t offer the premium trust features offered with OV and especially EV options, so any website owner that values customer trust should opt for a more premium certificate.

An Overview of the Advanced Types of SSL Certificates Available
Certificate Type Types of Sites Features
Multi-Domain * Companies that own 2-100 Domains * Add and remove domains throughout the lifetime of the cert
Wildcard * Sites that need subdomains to have SSL too * Can be DV or OV but not EV

4. Multi-Domain Certificates

If you need to secure multiple domains, but don’t want to deal with generating and installing a separate SSL certificate for each one, we would highly recommend a multi-domain certificate option. These certificates are capable of securing many different domains with just a single cert (also known as SAN/UC certs).

Depending on the certificate, you can secure anywhere from two domains to up to 100, or more. The benefit of going with a multi-domain SSL certificate is that it is much easier to manage several domains under just one certificate and you’ll also get a better rate per domain, as opposed to buying a separate SSL for each domain.

Also, when you purchase a multi-domain SSL certificate, you can add on additional domains throughout the lifespan of the certificate, up to the maximum amount of domains allowed for that product. This is another benefit of a multi-domain certificate; should new domains need to be secured, you can simply add them to an existing certificate, rather than having the go through the process of purchasing an entire new cert.

5. Wildcard Certificates

These types of certificates are incredibly popular and incredibly convenient. They allow you to secure your website’s main domain (www.name-of-site.com) and, in most cases, an unlimited number of subdomains (mail.domain.com, login.domain.com, xyz.domain.com, etc.) with just a single SSL certificate.

So, if your domain has subdomains associated with it, no matter the amount, we would highly recommend a wildcard SSL certificate. There are both DV and OV wildcard certificates available; however, no EV wildcard certificate option currently exists.

Recap: Why SSL Security Should Matter to You

A study conducted by Symantec, the largest web security company in the world, found that 552 million identities were breached online in 2013 alone.

That represents a 493 percent increase from 2012. The fact of the matter is that hackers are more prominent and determined than ever, and your website needs a security solution that properly addresses the gravity of these threats.

SSL certificates are a great place to start and equipping your website with one should be at the top of your priority list.

Advertiser Disclosure

HostingAdvice.com is a free online resource that offers valuable content and comparison services to users. To keep this resource 100% free, we receive compensation from many of the offers listed on the site. Along with key review factors, this compensation may impact how and where products appear across the site (including, for example, the order in which they appear). HostingAdvice.com does not include the entire universe of available offers. Editorial opinions expressed on the site are strictly our own and are not provided, endorsed, or approved by advertisers.

Our Editorial Review Policy

Our site is committed to publishing independent, accurate content guided by strict editorial guidelines. Before articles and reviews are published on our site, they undergo a thorough review process performed by a team of independent editors and subject-matter experts to ensure the content’s accuracy, timeliness, and impartiality. Our editorial team is separate and independent of our site’s advertisers, and the opinions they express on our site are their own. To read more about our team members and their editorial backgrounds, please visit our site’s About page.

ABOUT THE AUTHOR

Ryan Frankel has been a professional in the tech industry for more than 20 years and has been developing websites for more than 25. With a master's degree in electrical and computer engineering from the University of Florida, he has a fundamental understanding of hardware systems and the software that runs them. Ryan now sits as the CTO of Digital Brands Inc. and manages all of the server infrastructure of their websites, as well as their development team. In addition, Ryan has a passion for guitars, good coffee, and puppies.

« BACK TO: BLOG
Follow the Experts
We Know Hosting

$

4

8

,

2

8

3

spent annually on web hosting!

Hosting How-To Guides