Find the right type of certificate for your website
What SSL Actually Does for You?
SSL is the acronym for Secure Sockets Layer and is the Internet standard security technology used to establish an encrypted (or safe) link between a web server (website) and your browser (i.e. Internet Explorer, Chrome, Firefox, etc…). This secured link ensures that the data/information that is passed from your web browser to the web server remain private; meaning safe from hackers or anyone trying to spy/steal that info. SSL is the industry standard and is used by millions of websites to protect and secure any sensitive or private data that is sent through their website. One of the most common things SSL is used for is protecting a customer during an online transaction.
To establish a secured SSL connection on a web server it requires an SSL Certificate to be properly installed. When completing the process to activate SSL on your web server you will be asked to complete a number of questions to verify the identity of your domain and your company. Once properly completed, your web server will create 2 types of cryptographic keys – one is called a Private Key and the other is called the Public Key.
The Public Key isn’t a secret and it’s placed into something called a Certificate Signing Request or most commonly referred to as the CSR. The CSR is a file that contains all the data of your details. Once this CSR is generated, you can begin the SSL application process. During this process, the Certification Authority (CA) will go through the validation process to verify your submitted details and then once verified will issue an SSL Certificate with your details and allow you to use SSL. Your web server will automatically match the CA issued SSL Certificate to your Private Key. This means you are now ready to establish an encrypted and secure link between your website and your customer’s web browser.
SSL protocol is complex, but the complexities always remain invisible to your customers. Instead the browser they are using provides them with a key indicator letting them know that their session is currently protected by an SSL encryption – sometimes it is the lock icon in the lower right-hand corner, or the addition of an “s” in https rather than just http, on high-end SSL Certificates, a key indicator is the green bar in the browser. Clicking on the indicators will display all the details about it. All trusted Certification Authorities issue SSL Certificates to either legit companies or legally accountable individuals.
Generally speaking, SSL Certificates include and display (at least one or all) your domain name, your company name, your address, your city, your state and your country. It also always has an expiration date of that particular certificate and of course the details of the Certification Authority responsible for issuing the certificate. Browser connect to a secured site and then retrieves the site’s SSL Certificate and first makes sure that it has not expired, then it checks to see if it was issued by a known Certification Authority that the browser trusts, and then that it is actually being used by the website that is was actually issued to. If any one of these parameters does not check out properly, the browser will display a warning to the user to let them know that this site is not secure by SSL. It says to leave or proceed with extreme caution. That is the last thing you would want to say to your potential customer. That is why SSL is of high importance to any successful company doing business on the web.
There are many different types of SSL certificates (or TLS certificates) out there – and we assume you don’t have all day to try and figure out which one is BEST for your domain(s) and situation. Luckily, we’ve broken down & organized each type of potential certificate solution right here for you, so you can quickly find exactly what you need as soon as possible.
Domain Validated (DV)
These encryption-only certificates are popular because of how fast and simple they are to get. All you have to do is prove you own the domain you wish to secure in order to get a DV certificate issued. This process usually takes just a few minutes to complete. You’ll get industry standard encryption and trust indicators like HTTPS and the padlock icon. Internal testing domains, blogs, and basic template sites are good candidates for DV certificates, since they offer full encryption but just basic trust indicators.
Organization Validated (OV)
OV certificates are the “better” in the “good, better, best” model for SSL/TLS certificates. These certificates validate that a domain belongs to a registered business before being issued, and this process typically takes between 1-3 days to complete. The added benefit of an OV certificate is a dynamic site seal, which when clicked on, displays validated company information to a visitor, along with HTTPS and the padlock icon. These certs also offer 128- to 256-bit encryption and are perfect for registered businesses who can’t quite find room in their budgets for EV yet.
Extended Validation (EV)
Extended Validation (EV) certificates are the most premium SSL solutions available. These are the only SSL certificates that can truly be viewed at as an investment, given their ROI potential. The main feature of EV certificates is the green address bar, the most universally trusted symbol across the web. Websites equipped with the green address bar – like Apple, PayPal, and Twitter – are instantly recognized as legitimate websites that can be trusted with personal information. The validation process typically takes a little more time with these certificates, around 1-5 business days, but if you have a registered business, we’ll help make sure you can get one!
These certificates do just as their name suggests – cover multiple domains with just a single solution. One Multi-Domain SSL certificate can cover up to 250 total domains, depending on the brand of certificate. Multi-Domain certificates are an extremely convenient option for businesses that own a lot of different TLD extensions and want to cover them all with up to 256-bit encryption without having to purchase and install separate SSLs for each one. Since these certificates are available in EV, OV, and DV options, you’re sure to find a Multi-Domain certificate that suits your needs.
Wildcard SSL certificates cover one domain name and an unlimited amount of sub-domains. For example, a Wildcard SSL certificate can cover www.domain.com, email.domain.com, login.domain.com, xyz.domain.com, etc. These certificates are extremely popular, affordable, and convenient solutions – since most domains have subdomains. Also, they are available in both DV and OV types, with no EV Wildcard SSL certificate currently available. Wildcard SSL certificates offer up to 256-bit encryption on all of the domains and subdomains that they cover.
Multi-domain Wildcard Certificates
There’s nothing a Multi-Domain Wildcard SSL certificate can’t secure. For any company or organization with a complicated public-facing web infrastructure, a Multi-Domain Wildcard is the perfect security solution. Depending on CA, you can secure up to 25, 100 or 250 different domains or IPs and all accompanying sub-domains. Nothing saves you more time, money and effort than securing your entire web presence with a single SSL certificate.
Code Signing (CS)
Code Signing certificates aren’t traditional SSL/TLS certificates, but they play an important and expanding role in online security and integrity. These are certificate-based digital signature algorithms that verify a piece of code hasn’t been tampered with since it was signed by the author. We like to think of it as a “digital shrink wrap” that validates code is being authentic and in its original form. It is the web’s tamper-proof system for software downloading. Code signing certificates are used and recognized by all major operating systems like Apple OS X, Linux, and Windows.
Email & Document Signing
These increasingly popular certificates can validate the identity of both the email sender and the recipient. Email signing certificates are especially important within organizations, to ensure that the proper secure communication practices are being followed. We have email signing solutions available from Comodo, one of the most reputable online security companies in the world.