Security, SSL

6 Types of SSL Certificates to Secure Your Website

June 25, 2019 No comments yet
ssl certificates

Building customer trust or obtaining customers’ confidence in your business website is a must. The best way to accomplish this trust is to install an SSL certificate. SSL (Secure Sockets Layer) certificates are used to secure website pages when submitting necessary sensitive information. Sensitive information can be in the form of payment methods, online services such as online banking, and account login websites. SSL certificates can also be used to gain an end user’s trust. Google has incentives for website owners to install SSL certificates for search engine rank benefits. When the SSL certificate is installed to a website, the URL will change from HTTP to HTTPS. A padlock will appear in the URL address bar. This builds immediate trust with those visiting your site.

Certificate Authority (CA), a trusted third party, generates and issues SSL certificates for websites. There are a variety of types of SSL validation levels. It’s important to be familiar with them to know which to install.

Below is a list of the different types of SSL certificate types that can be purchased.

  • Extended Validation Certificates (EV SSL)
  • Organization Validated Certificates (OV SSL)
  • Domain Validated Certificates (DV SSL)
  • Wildcard SSL Certificate
  • Multi-Domain SSL Certificate (MDC)
  • Unified Communications Certificate (UCC)

Let’s dive into each.

Extended Validation Certificates (EV SSL)

The highest ranking and most expensive SSL certificate type is an Extended Validation Certificate. This type of SSL certificate, when installed, will display on the browser address bar, the padlock, HTTPS, name of the business, and the country. Displaying the website owner’s information in the address bar will help distinguish the site from malicious sites. To receive this type of SSL certificate, the website owner will need to go through a standardized identity verification process to confirm the website owner is authorized legally to the exclusive rights to their domain. EV SSL certificates are used, in high profile websites, for applications that require identity assurance such as collecting data, processing logins or online payments.

Types of Browser Views with EV SSL Certificates

  • Chrome will show a padlock, HTTPS, the name of the business, and the country code in green font.
  • Firefox will show a padlock, the name of the business, and the country code in green font and HTTPS.
  • Microsoft Edge will show a padlock, the name of the business, and the country code in green font and HTTPS.
  • Safari will show the green padlock and the name of the business.

Organization Validated Certificates (OV SSL)

Organization Validation SSL certificates’ main purpose is to encrypt the user’s sensitive information during transactions. This version of the SSL certificates has a high assurance similar to the EV SSL certificate which is used to validate a business’ creditably. This SSL certificate type also displays the website owner’s information in the address bar to help distinguish from malicious sites. OV SSL certificates are the second highest in price. Commercial or public-facing websites have a requirement to install an OV SSL certificate to assure that any customer information shared remains confidential. To obtain an OV SSL certificate, the website owner will need to complete a substantial validation process. A Certification Authority (CA) will investigate the website owner to see if they have the right to their specific domain name. Once the SSL certificate is installed, the business information will be displayed in the browser address bar.

Types of Browser Views with OV SSL Certificates

  • Chrome shows padlock, business name, country code, and HTTPS in green font.
  • Firefox shows a green padlock, business name and country code in green font, and HTTPS.
  • Microsoft Edge shows a green padlock, business name and country code in green font, and HTTPS.
  • Safari will show the green padlock and the name of the business.

SSL Certificates - OV SSL Certificate Viewer of Amazon.com

Domain Validated Certificates (DV SSL)

Domain Validation SSL Certificate has a low assurance and basic encryption typically for blogs or informational websites. The validation process to obtain this SSL certificate type is minimal. The process only requires for website owners to prove domain ownership by responding to an email or phone call. This SSL certificate type is one of the least expensive and fastest to obtain. The browser address bar will only display HTTPS and a padlock. The business name will not be included. If you do not need extra assurance for your website visitors, then you would install a Domain Validation SSL certificate.

Types of Browser Views with DV SSL Certificates

All browsers will only show a green padlock and HTTPS.

SSL Certificates - DV SSL Certificate example of nytimes.com

Wildcard SSL Certificates

Wildcard SSL certificates are used to secure a base domain and unlimited subdomains. Purchasing a wildcard SSL certificate is cheaper than purchasing several single domain SSL certificates. OV Wildcard SSL certificates or DV Wildcard SSL certificates are available for purchase. Wildcard SSL certificates will have an asterisk * as part of the common name. The asterisk * will represent any valid subdomain that has the same base domain. For example, the common name can be *.example.com. This SSL certificate type can be installed for install.example.com, list.example.com, etc.

SSL Certificates - Wildcard SSL Certificate example of ancestry.com

Multi-Domain SSL Certificates

Multi-Domain certificates can secure up to 100 different domain names and subdomains using a single certificate which helps save time and money. You have control of the Subject Alternative Name (SAN) field to add, change, and delete any of the SANs as needed. Domain Validated, Organization Validated, Extended Validated, and Wildcard SSL types are available as well. Here are some domain name examples that can be secured with just one Multi-Domain SSL certificate:

  • www.domain.com
  • www.domain.in
  • www.domain.org
  • domain.com
  • checkout.domain.com
  • mail.domain.com
  • secure.exampledomain.org
  • www.website.com
  • www.example.co.uk

SSL Certificates - Multi-Domain SSL Certificate of digicert.com

Unified Communications Certificates (UCC)

Unified Communications Certificates (UCC) are also considered Multi-domain SSL certificates. UCCs were originally designed to secure Microsoft Exchange and Live Communications servers. Today, these certificates can be used by website owners. This type of SSL certificate allows multiple domain names to be secured on a single certificate. UCC Certificates are organizationally validated and display a padlock on a browser. UCCs can be used as EV SSL certificates to give website visitors the highest assurance through the green address bar.

SSL Certificates - Unified Communications Certificate UCC of nike.com

Conclusion

There is great importance to having SSL certificates securing websites. Giving the website visitors’ confidence in their safety is key to having a successful website.

Remember:

  • If a website has HTTP instead of HTTPS, then the browser will send all the information as plain text to the web server. If anyone is watching web traffic, they will be able to see that information.
  • If the website has an SSL certificate installed and using HTTPS, then the web traffic will be encrypted. This is of great importance for collecting any customer’s sensitive information.
  • Lastly, Google has incentives for websites that have SSL certificates installed. And helping Google to rank your website higher should be at the top of your list.

Leave a Reply