Nowadays not having a SSL certificate for your domain is an unforgivable mistake, and it can be very risky.
SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the HTTPS protocol (over port 443) and allows secure connections from a web server to a browser.
The SSL certificates can be divided in groups based on validation level or the number of secured domains.
Let’s see in detail the SSL Certificates based on validation levels.
SSL certificates based on validation levels
- Domain Validation Certificates (DV)
This is the lowest level of validation. It is verified by the Certificate Authority (CA), which certifies that the organization controls the domain.The verification is usually done via email. In order to verify the ownership of the domain, you can change your DNS records adding a specific TXT record, or you can upload to your server a file provided by the Certificate Authority. After the user demonstrates the ownership of the domain, the CA issues a certificate. The procedure is done within minutes.
- Organization Validation Certificates (OV)
This is a certificate with a medium level of validation. It is verified by the Certificate Authority, which investigates the organization requesting the certificate. The CA will contact the organization to make sure that the request is legitimate. The CA validates the ownership of the domain and the organization information included in the certificate, such as name, city, country, etc. The procedure can take a few days. The company information is displayed in the details of the certificate.
- Extended Validation Certificate (EV)
This is the most strict level of validation. The Certificate Authority verifies the ownership of the domain, the organization information, the physical location and the legal existence of the company. It also verifies if the organization is aware of the SSL certificate request. Many documents are required to certify the company identity. The procedure can take a few weeks. The extended validation certificate is shown with a green bar in the browser address bar.
Now let’s have a look at the certificates based by number of domains.
SSL Certificates based by number of domains
- Single domain SSL Certificates
This kind of certificate protects only a single subdomain/hostname.
For example, in the case of the domain example.com, if you protect www.example.com you cannot protect also mail.example.com
- Wildcard SSL Certificates
This kind of certificate protects an unlimited number of subdomains for a single domain.
For example, in the case of the domain example.com, you can protect www.example.com, mail.example.com, blog.example.com, etc.
It will work on any subdomain (but it won’t work to protect, for example, xyz.blog.example.com)
- Multidomain SSL Certificates
This certificate protects up to 100 domains. It is meant to secure Microsoft Exchange and Office Communications environments.
It protects different domains with a single certificate with the help of the SAN extension.
Still not sure about which SSL certificate is the best for your business? Contact us! TECHCONSULTI partners with the main SSL certificate vendors, and we will help you choosing the best certificate!