The assortment of SSL certificates available may be confusing and could result in purchasing more (or less) than we need. Using a few questions, we can quickly arrive at a correct decision.
Is your website for personal or business use?
This hinges on what you want your website visitor to see. Is a valid HTTPS in the address enough. Do you need your site visitors to see that the SSL certificate belongs to a verified business? All SSL sites with a valid SSL certificate display https in the address bar. The Extended Validation (EV) SSL certificates also display another indicator. This is usually a green address bar. It helps validate that the organization is legally and physically verified according to certain fixed industry standards.
The regular or Domain-Validated SSL certificate
This is also known as a low-assurance certificate. Automated validation ensures that the domain name is registered and that an administrator approves the request. The webmaster must either confirm via email or configure a DNS record for the site to complete the validation. This is usually the cheapest option and is fine to improve search engine ranking. It is a fully validated certificate. Recommended for non-commercial websites and internal sites that need some encryption.
The Organization-Validated SSL certificate
Known as a high assurance certificate. It requires real people to validate the domain ownership as well as organization information such as name, city, state and country. It is similar to the low-assurance certificate but needs additional documentation to establish and verify company identity. This is the certificate for most businesses that do not need extended insurance or super encryption levels.
The Extended-Validation(EV) SSL certificate
This SSL certificate is a digital certificate issued in conformance with the extended validation guidelines. The CA/Browser Forum defines these guidelines. Extended Validation (EV) SSL certificates will tighten the security of Internet transactions. Certificate requestors are subject to a thorough, standardized vetting process which all issuing Certification Authorities (CAs) must adhere to. These checks involved manual verification of company data and registration. This ensures that fraudulent companies cannot run fake credit card schemes.
Companies whose Internet domains are considered at a high risk are considered good candidates for Extended Validation SSL certificates. Phishing schemes and other types of Internet fraud often target these domains.They also lend the most credibility to your website. They do this by bringing your business’s verified identity to the front – clearly displaying your company’s name in a green address bar.
Single, Wildcard and Multi-domain SSL certificates
The single domain certificate protects only the domain it was purchased for. Most will protect the root domain (mydomain.co.za) and ONE sub-domain (ie www.mydomain.co.za). If you need more sub-domains secured (ie mail.mydomain.co.za, ftp.mydomain.co.za, intranet.mydomain.co.za) then you need a wildcard SSL certificate. The wildcard certificate allows you to secure unlimited sub-domains thus it also costs more than the single domain certificate.
The last type is the multi-domain certificate. This certificate secures multiple domains. A single organization is normally associated with these domains. All three (single, wildcard and multi-) are usually available as low- high- or extended-validation certificates.