What are the differences between various types of SSL certificates?
Now that we’ve discussed the benefits of an SSL certificate—and explained why your site should have one—it’s time to dig a bit deeper into the different types of SSL certificates that are available.
It’s important to note that all SSL certificates offer the same level of encryption. Where they differ is in the level of verification the business undergoes in order to obtain the certificate.
An extended validation (EV) SSL certificate is the most respected form available, offering the highest level of trust for visitors to your site. These premium-level certificates require the website and business to undergo intensive vetting to ensure they are legitimate and own the domain in question.
An organization validation (OV) SSL certificate requires less verification than an EV but still assures customers that your business is a legitimate legal entity and that you own your domain.
The domain validation (DV) SSL certificate is the easiest to obtain. EV and OV certificates require several steps, including a vetting process that can take a few days to complete. DV certificates only require one simple step—you just need to prove that you own the domain.
Unfortunately, because DV SSL certificates don’t require as much in the way of verification, it’s easier for bad actors—like phishers, for example—to get them and make their fraudulent sites look legitimate. So if your website is going to be handling sensitive customer information, it’s a good idea to go through the vetting process and obtain a higher-level certificate.
While the above SSLs are the most common certificates, there are a few others you might consider.
A multi-domain validation certifies multiple domains owned by the same person under a single certificate. This validation can save you time and money, but there are limits—every time you add a new domain, you must request a reissued SSL certificate to authenticate it.
If you want to use one domain and have the flexibility of adding subdomains, a wildcard SSL certificate might be right for your business. These validations cover your base domain and an unlimited number of subdomains. Further, it’s fairly simple to have a new certificate reissued for each new subdomain.
When deciding which type of certificate you should get for your site, go for the maximum amount of security that is reasonable and affordable for your business.