If you have a website, you need to know that having an Extended Validation or Organization-Validated SSL/TLS Certificate will improve your website’s reputation, assure customers of secure transactions, long-term relationship with customers, and reduced transaction rates.
So, you might wonder, what is the difference between SSL and TLS certificates. Well, when we talk about SSL, we actually refer to it as TLS because all the certificates are compatible with both protocols. Also, the technical reason why SSL is used over TLS is because some computers or servers may not support TLS protocol but allow a secure connection over the SSL protocol.
Ideally, SSL/TLS certificate serves two functions. One it allows encrypted connections between your website and web servers through the SSL/TLS protocol. It’s also acts as an identity of the company that owns the certificate.
In this guide, we will take you through how to choose SSL/TLS certificates.
Register your Domain
First, you need to register a domain before you can qualify for a trusted SSL Certificate. The Certificate Authorities (CAs), an organization that issues certificates must verify the existence and ownership of your domain.
If your domain is not registered, then it might be an internal server name or simply an IP address that forms part of a private network. Unfortunately, CAs already put a restriction on issuing SSL Certificates that contains a reserved IP or an internal server name.
If you have an Internal server name how you can obtain an SSL certificate. You can use self-signed certificates, or if you have extensive internal expertise and resources, just set-up an in-house CA and start issuing certificates.
Choose a Trusted SSL Certificate
All SSL certificates contain encrypted information for security, but they are different on the amount of identifying information included in the certificate and how they are displayed on a website. In this case, there are three trusted levels of SSL certificates:
Extended Validation (EV)
These are probably the most expensive certificates with the highest requirements of any SSL certificates. It involves checking all the information of a certain organization. They are the most credible to your website with a verified identity that shows in the green bar in the browser.
For instance, look at the example below of GlobalSign Inc:
This indicator is an assurance to visitors that your website or organization is legitimate and secure.
Organization Validated (OV)
OV certificates contains the name of your website or organization and it cannot be issued to individuals. These certificates may be issued within 3 to 10 days. Although the basic information of an organization is include, it’s not displayed prominently in OV certificates.
Domain Validated (DV)
These are perhaps the simplest certificates that fulfill the urgency of getting a certificate since they are issued instantly. They contain the least amount of identity information among these certificates. Although DV certificates provide session encryption, they don’t include detailed information of a company. For this reason, DV certificates are not recommended for business use.
When deciding on which trust levels to choose, the key thing to consider is the amount of trust you want to provide to your visitors. Also, consider how valuable your brand image is to your web presence. These factors will help you get started with choosing the best SSL/TLS certificates.
Types of Domains
Regarding the number of domains and subdomains, you need to recognize three certificates.
Single-name SSL Certificates
These protect a single domain. For instance, if purchase an SSL Certificate for www.abc.com, it won’t secure mail.abc.com
Wildcard SSL Certificates
If you need to secure an unlimited number of subdomains of the same domain apart from the initial one, you need a Wildcard certificate. For instance, if you secure a certificate for www.abc.com, it can secure career.abc.com, but it won’t secure xyz.pro.abc.com.
Unified certificates allow you to secure several different domains with one certificate. They are designed to protect different domains with the same certificate with a SAN extension.
Self-Signed SSL Certificates
Apart from the private these SSL certificates, you may opt for self-signed certificate. You can generate these certificates by yourself. These certificates provide the same level of encryption, but you should not use them if you have a group of anonymous visitors visiting your website for some reasons. Visitor’s connection may be hijacked and the certificate cannot be canceled like a trusted certificate.
Determine the Number of Domains You Need With the Certificate
Just use one standard certificate. If you need to purchase a domain, find only one with a standard certificate. Choose from the list of certificates given above.
If you need a certificate for multiple domains, consider purchasing multi-domain certificate. Using a single certificate to cover multiple domain names is cost-effective than buying multiple individual certificates.
If you want to buy multiple domains with a single certificate, go for a Multi-domain Certificate. These certificates make it simple to acquire multiple domain names using a single certificate. In most case, you will hear people describing them as Subject Alternative Names (SANs).
If you want to acquire multiple sub-domains with one certificate, you can use a multi-domain or a Wildcard. This depends on how many sub-domains you need to buy and the trust level you need.
A Wildcard Certificate will be the most appropriate option to secure an unlimited number of websites if you need to add more sites. Wildcard Certificates are compatible with OV and DV products. However, the requirements don’t allow permits for EV Wildcard Certificates.
If you have created a simple website, you can secure a free certificate like Let’s Encrypt or StartSSL. But if you want more advanced options, look for improved versions. When you want to choose a certificate you need to consider some key things. To start with, DV certificates are issued instantly, so they are perfect for personal use. OV certificates are ideal for businesses while EV certificates are perfect for e-commerce business.
For single name certificates, use them to secure a single domain but if you want several different domains, go for multi-domain certificates. Also, consider the overall requirements of your website including the level and nature of certificates you want.