When it comes to website security, one of the most important things you can do is install an SSL certificate. This will encrypt the data that passes between your website and your visitors' web browsers, keeping their information safe from hackers. But with many different types of SSL certificates available, it can be difficult to decide which one is right for your website.
In this article, we will explain the six different types of SSL certificates, including their features and common use cases. So, whether you run a small business, you're a freelancer, or you're a working professional, you can choose the right one for your needs.
What is an SSL Certificate and what does it do?
What is SSL?
SSL stands for Secure Sockets Layer and is a protocol that provides communication security over the internet.
SSL certificates are website security certificates and are issued by what's called a Certificate Authority (CA), such as GoDaddy. These are organizations that verify the identity of the website owner and issue digital certificates.
When you install an SSL certificate on your web server, it enables the encryption of sensitive information like credit card numbers, login credentials, and contact information. This creates a secure connection and protects your website from data breaches and keeps your visitors' information safe.
SSL is also known as TLS (Transport Security Layer). The way SSL/TLS works is that it uses two keys to encrypt data – a public key and a private key. The public key is used to encrypt data and the private key is used to decrypt it.
When you install an SSL certificate on your web server, the CA will generate a public and private key for you. The public key is placed on your web server and the private key is kept secret.
When a visitor tries to access your website, their web browser will first request the SSL certificate from your server. Once it receives the certificate, the browser will use the public key to encrypt the data that is being sent to your website.
Your web server will then use the private key to decrypt the data. This way, only your web server can decrypt the data that is being sent to it, keeping it safe from hackers.
How do you know when a website is using SSL?
When you install an SSL certificate on your web server, it activates the padlock in the address bar and the HTTPS protocol. This means the website URL will start with HTTPS:// instead of HTTP://
Related: Growing your business: Get the scoop on SSL certificate
Types of SSL certificates based on Validation Level
When it comes to SSL certificates, there are three main SSL certificate authentication types available: Domain Validation (DV), Organization Validation (OV), and Extended Validation (EV). These mark the difference in the level of assurance that the CA provides about the website owner.
However, all SSL certificates provide the same level of encryption for the data being sent to and from the website. It is only the level of validation and the number of domains secured that differs.
Let's go over the features and explain the use cases of each different validation level.
Domain Validation (DV) SSL Certificate
A Domain Validated (DV) SSL certificate is the most common type of certificate. It's also the quickest and easiest to get because the validation process only requires the CA to verify that you own the domain. To get a domain validation SSL certificate, the CA will verify that you own your domain name. This can be done by sending an email to the address listed in the WHOIS record or by placing a file on your web server.
Features of DV SSL Certificates
- Domain ownership validation only
- Issued quickly (usually within a few minutes)
- Low cost
Use cases of DV SSL Certificates
DV SSL certificates are ideal for personal websites that don't handle sensitive information. This is because DV SSL certificates only provide basic validation and do not offer any additional security features. If you run a small business or an eCommerce website, we recommend that you get an OV or EV certificate.
Organization Validation (OV) SSL Certificate
An Organization Validated (OV) SSL certificate is more expensive and takes longer to get than a DV certificate. But it's also more secure because the CA will verify not only that you own the domain, but also that your business is legitimate.
To get an OV SSL certificate, the CA will verify your business identity and location. For this reason, only legally registered businesses and organizations can receive an organization validation SSL certificate. The CA will also verify that you have the authority to request an SSL certificate for your domain. This process usually takes a few days.
Features of OV SSL Certificates
- Domain and business ownership validation
- Enhanced security features
- Medium cost
Use cases of OV SSL Certificates
OV SSL certificates are ideal for non-eCommerce businesses, organizations, and even educational or government agencies. This is because OV SSL certificates offer enhanced security features that DV SSL certificates do not. However, if you run an online store, we recommend that you get an EV certificate.
Extended Validation SSL Certificate
An Extended Validation (EV) SSL certificate is the most expensive and time-consuming to get. However, it's also the most secure. This is because the CA will not only verify that you own the domain and that your business is legitimate, but also that your business is credible.
To get an EV SSL certificate, the CA will verify your company name, location, and credibility. This process usually takes around one week or more.
Features of EV SSL Certificates
- Domain, business, and credibility validation
- Highest SSL level of security features
- Highest cost
Use cases of EV SSL Certificates
Extended Validation certificates are ideal for online stores and other eCommerce websites. This is because EV SSL certificates offer the highest level of security features and the most thorough vetting.
Editor’s note: No matter which type of SSL certificate you need, GoDaddy has you covered. Get your website encrypted today!
SSL Certificates for web environments
We've mentioned the three types of SSL certificates based on validation levels. But there are also three different types of SSL certificates based on the web environment and how many domains you want to secure. We'll explain the differences and use cases here.
Multi-Domain SSL Certificates
A Multi-Domain SSL certificate is also known as a Subject Alternative Name (SAN) certificate. This type of certificate can secure multiple websites using different domain names. For example, you can use a multi-domain SSL certificate on example.com, test.com, and mysite.com. This is ideal for any individual or business with multiple websites.
A multi-domain certificate from GoDaddy can be used to secure up to 100 different websites along with their subdomains.
The benefits of getting a multi-domain or SAN SSL certificate are about saving money and time. With one certificate, you can secure all your websites instead of purchasing a separate certificate for each site. It's also easier to manage your website security, as you can manage up to 100 certificates from one dashboard.
Multi-domain SSL certificates can be issued for domains of each level of validation we discussed in the last section. These include domain validated (DV), organization validated (OV), and extended validation (EV).
Unified Communications (UCC) SSL Certificates
A Unified Communications Certificate (UCC) is similar to a multi-domain or SAN certificate in that it can be used to secure multiple websites. However, UCCs are specifically designed for Microsoft Exchange and Live Communications servers. UCC certificates are the predecessor of multi-domain certificates but they are still used for certain Microsoft server environments. A UCC certificate allows you to use a single IP address for all the domains that are secured by the certificate.
UCCs offer the same benefits as multi-domain or SAN certificates. They're more cost-effective because you only need to purchase one certificate to secure multiple websites. They're also easy to manage. As long as you have available slots in your UCC certificate, you can add domains as needed without having to generate a new certificate.
Wildcard SSL Certificates
A Wildcard SSL certificate is also similar to a multi-domain or SAN certificate. The main difference is that it can be used to secure an unlimited number of subdomains along with the main domain. For example, if you have a wildcard SSL certificate for *.example.com, it can be used to secure website.example.com, blog.example.com, and any other subdomain you create in the future.
The benefits of getting a wildcard SSL certificate are about convenience and future-proofing your website security. With a wildcard SSL certificate, you don't have to generate a new certificate each time you create a new subdomain. This is especially helpful if you run a large website with many subdomains. It's also helpful if you plan on creating new subdomains in the future and want to be prepared.
Who is a Wildcard SSL certificate for? Anyone or any business that wants to secure an unlimited number of subdomains along with their main domain. For example, if you run a website with many subdomains, a wildcard SSL certificate is a good option.
Wildcard SSL certificates can be issued for both DV and OV validation types. However, due to the requirements of EV certificates, it's not possible to issue a wildcard EV certificate.
Related: Beginner’s Guide: How to secure your website
Things to Consider Before Buying an SSL
Now that you know the six different types of SSL certificates, it's time to decide which one is right for your website. Here are a few things to consider before making your purchase:
- The type of website you have: If you have an eCommerce website, we recommend that you get an EV SSL certificate. If you have a non-eCommerce small business website, we recommend that you get an OV SSL certificate. If you just have a small personal website like an online resume or portfolio, a DV SSL certificate should be sufficient.
- The number of domains you need to secure: If you have multiple domains or subdomains, we recommend that you get a Multi-Domain or Wildcard SSL certificate. If you are running Microsoft® Exchange Server 2013, Exchange Server 2016, or Microsoft Live® Communications Server, go with a UCC SSL certificate.
- Your budget: DV SSL certificates are the least expensive. With OV certificates costing more and EV SSL certificates being the most expensive. Do you have multiple websites or subdomains? Multi-Domain and Wildcard SSL certificates are typically much more cost effective than buying multiple single-domain SSL certificates.
- Your level of technical expertise: If you're not comfortable with installing and configuring an SSL certificate, we recommend that you purchase a Managed SSL certificate. With a Managed SSL certificate, our team will handle the installation and configuration for you.
No matter which SSL certificate you choose, you can be sure that your website will be more secure and trustworthy. Contact us today to get started!
If you are looking for SSL explained in greater depth or to talk to our experts, select one of these options:
- Contact our SSL Support Team via Live Chat
- Read our guide on SSL
