Home / Security / What Type of SSL Certificate Does Your Website Need?
A padlock on a green door.

What Type of SSL Certificate Does Your Website Need?

Internet users are more concerned about security than ever. If you run a website, you’ll need to show them you can be trusted to provide a secure connection and protect their data. This means procuring an SSL certificate.

However, before you do, you’ll want to do some research. There are actually three main types of SSL certificates, and it’s important to understand the distinctions between each one. That way, you’ll know that you’ve obtained the right kind of certificate for your site.

In this article, we’ll provide a quick introduction to SSL certificates. Then we’ll explore the three varieties, and talk about when each is most useful. Let’s jump right in!

An Introduction to SSL Certificates (And Why Your Site Needs One)

A secure URL displayed in a browser.
With the right type of SSL certificate, visitors will be informed that your website is secure.

You may have noticed that while most website URLs used to begin with http://, many now start with https:// instead. This seemingly small distinction is very significant.

To understand why, let’s look at ‘communication protocols’. These enable the transfer of information between a website’s server and a visitor’s browser. Hypertext Transfer Protocol (HTTP) has been the default option for a long time, but HTTP Secure (HTTPS) is a newer and safer protocol that encrypts the transmission of data over the internet.

HTTPS is increasingly being recommended for all sites. It greatly reduces the risk that malicious users can intercept and misuse sensitive data. However, in order to use HTTPS on your own website, you’ll need a Secure Sockets Layer (SSL) certificate.

This activates the HTTPS protocol, creating a secure link between your website and each visitor’s browser, protecting all data transmitted between the two. It also verifies that your connection is secure, so visitors can be confident that your website is safe. Obtaining an SSL certificate isn’t difficult, but first you’ll want to understand the various options that are available.

The 3 Types of SSL Certificates

Let’s explore the three basic types of SSL certificates. We’ll explain what makes them distinct, discuss their pros and cons, and talk about when each is most useful.

1. Domain Validation

The Let's Encrypt website.
Let’s Encrypt provides basic but free SSL certificates.

SSL certificates differ based on how they’re ‘validated’. In other words, each kind of certificate requires different process to be approved. The organization providing this approval is called a Certificate Authority (CA).

Domain validation is the simplest method. To get one of these SSL certificates, all you need to do is prove that you own your domain name. Typically, the CA will either perform this validation through email, or by looking up the Domain Name System (DNS) records for your site.

The primary advantage of domain validation is that it’s quick and simple – you can often obtain one in minutes. It’s also the cheapest kind of SSL certificate you can buy – some are even free.

Conversely, domain validated certificates also provide the least security. Users will know that their information is encrypted, but can’t verify that you are who you claim. Some browsers display sites with a domain validated certificate using a gray warning symbol next to the URL.

However, this isn’t likely to be a problem if your site doesn’t handle sensitive information. Domain validated certificates are perfect for blogs, portfolios, and other sites that don’t collecting user data.

If you decide that you want a domain validated certificate for your site, Let’s Encrypt is an excellent option. This CA provides free SSL certificates, and is simple to use with most hosting providers.

2. Organization Validation

A table comparing the three types of SSL certificates.
Organization validation provides more trust and assurance than domain validation.

This level of SSL certificate is a little more advanced. In order to get one, the CA will need to investigate your website. At a minimum, they’ll be looking for proof that your organization is legitimate.

An organization validated certificate is typically more expensive than domain validation. The approval process will also take longer – often a few business days. That gives the CA time to conduct a brief investigation, but it makes this kind of certificate less convenient.

On the other hand, organization validation is more secure. Visitors can more easily find information about who actually runs the site, which promotes greater trust between you and your users.

For these reasons, this is the minimum level of validation you’ll need for any site that collects sensitive user data, such as e-commerce sites, membership portals, and so on. However, if you are running a site like this, we strongly recommend you consider the next level of SSL certificate instead.

3. Extended Validation

The GlobalSign website.
GlobalSign is a popular CA, offering all types of SSL certificates.

Extended validated certificates require the strictest approval process. Before assigning one of these certificates, the CA will perform a thorough investigation. It will look for proof of the organization’s existence, legal status, identity, ownership of the site’s domain name, and more.

This is the most expensive and time-consuming type of SSL certificate you can purchase. Times will vary based on the CA you’re using, but you’ll often have to wait one or two weeks for approval.

Fortunately, this certificate also provides the highest level of security. It proves that your organization is legitimate, meaning users can trust that their information is safe and used carefully. Plus, most of the major browsers will indicate that your connection is secure. Extended validated certificates are highly recommended for websites that handle personal data and enable visitors to buy goods or services – if you can afford it.

Whether you’re looking for extended or organization validation, you’ll need to find a CA. There are a lot of options out there, but we’d recommend starting with GlobalSign. They offer certificates at all levels of validation, and you may even be able to set them up through your existing hosting service.

Conclusion

No matter what type of website you’re running, it’s important that your connections are secure. This is one of the best ways of promoting trust in your site and organization. To do this effectively, you’ll need to choose the right SSL certificate.

By now, you should understand the differences between the three basic types of SSL certificates:

  1. Domain validation. This only requires you to prove that you own your site’s domain. It offers the lowest level of security, but is the quickest and cheapest option.
  2. Organization validation. These certificates can be obtained relatively quickly and are more expensive. In exchange, your visitors get further proof of your site’s security.
  3. Extended validation. If you’re running an e-commerce site or something similar, this type of certificate is recommended. It’s fairly expensive and takes some time, but provides the highest level of security.

Do you need help deciding which type of SSL certificate is right for your website? Let us know in the comments section below!

Image credit: Life of Pix.

About Alex Ali

Check Also

spectre protection

Meltdown & Spectre – A2 Hosting’s Response

We have received a number of questions regarding our response to the potential vulnerabilities posed …