Difference between revisions of "Options for SSL Certificates to Secure Your Website"

(Created page with "Building customer trust or obtaining customers’ confidence in your business website is a must. The best way to accomplish this trust is to install an SSL certificate. SSL (S...")
 
(No difference)

Latest revision as of 06:02, 4 April 2020

Building customer trust or obtaining customers’ confidence in your business website is a must. The best way to accomplish this trust is to install an SSL certificate. SSL (Secure Sockets Layer) certificates are used to secure website pages when submitting necessary sensitive information. Sensitive information can be in the form of payment methods, online services such as online banking, and account login websites. SSL certificates can also be used to gain an end user’s trust. Google has incentives for website owners to install SSL certificates for search engine ranking benefits. When the SSL certificate gets installed to a website, the URL changes from HTTP to HTTPS. A padlock appears in the URL address bar. Seeing the padlock builds immediate trust with those visiting your site.

A Certificate Authority (CA) is a trusted third party which generates and issues SSL certificates for websites. There are a variety of types of SSL validation levels. It’s essential to be familiar with them to know which to install.

Here is a list of the different types of SSL certificate types that can be purchased:

  • Extended Validation Certificates (EV SSL)
  • Organization Validated Certificates (OV SSL)
  • Domain Validated Certificates (DV SSL)
  • Wildcard SSL Certificate
  • Multi-Domain SSL Certificate (MDC)
  • Unified Communications Certificate (UCC)

Extended Validation Certificates (EV SSL)

The highest-ranking and most expensive SSL certificate type is an Extended Validation Certificate. This type of SSL certificate, when installed, displays the padlock, HTTPS, name of the business, and the country on the browser address bar. Displaying the website owner’s information in the address bar helps distinguish the site from malicious sites. Setting up the EV SSL certificate requires the website owner to go through a standardized identity verification process to confirm they are authorized legally to the exclusive rights to the domain. EV SSL certificates are for high profile websites for applications that require identity assurance such as collecting data, processing logins, or online payments.

Types of Browser Views with EV SSL Certificates:

  • Chrome shows a padlock, HTTPS, the name of the business, and the country code in green font.
  • Firefox shows a padlock, the name of the business, and the country code in green font and HTTPS.
  • Microsoft Edge shows a padlock, the name of the business, and the country code in green font and HTTPS.
  • Safari shows the green padlock and the name of the business.


Organization Validated Certificates (OV SSL)

The Organization Validation SSL certificate’s primary purpose is to encrypt the user’s sensitive information during transactions. This version of SSL certificate has a high assurance similar to the EV SSL certificate, which is used to validate a business’ creditably. This SSL certificate type also displays the website owner’s information in the address bar to help distinguish from malicious sites. OV SSL certificates are the second-highest in price. Commercial or public-facing websites have a requirement to install an OV SSL certificate to assure that any customer information shared remains confidential. To obtain an OV SSL certificate, the website owner needs to complete a substantial validation process. A Certification Authority (CA) investigates the website owner to see if they have the right to their specific domain name. Once the SSL certificate gets installed, the business information shows in the browser address bar.

Types of Browser Views with OV SSL Certificates:

  • Chrome shows padlock, business name, country code, and HTTPS in green font.
  • Firefox shows a green padlock, business name and country code in green font, and HTTPS.
  • Microsoft Edge shows a green padlock, business name and country code in green font, and HTTPS.
  • Safari shows the green padlock and the name of the business.

SSL-Certificates-OV-SSL-Certificate-Viewer-of-Amazon.com_.png

Domain Validated Certificates (DV SSL)

Domain Validation SSL Certificate has a low assurance and minimal encryption, typically for blogs or informational websites. The validation process to obtain this SSL certificate type is minimal. The process only requires website owners to prove domain ownership by responding to an email or phone call. This SSL certificate type is one of the least expensive and fastest to obtain. The browser address bar only displays HTTPS and a padlock with no business name displayed. If you do not need extra assurance for your website visitors, then you would install a Domain Validation SSL certificate.

Types of Browser Views with DV SSL Certificates:

  • All browsers will only show a green padlock and HTTPS.

Wildcard SSL Certificates

Wildcard SSL certificates are used to secure a base domain and unlimited subdomains. Purchasing a wildcard SSL certificate is cheaper than purchasing several single-domain SSL certificates. OV Wildcard SSL certificates or DV Wildcard SSL certificates are available for purchase. Wildcard SSL certificates have an asterisk * as part of the common name. The asterisk * represents any valid subdomain that has the same base domain. For example, the common name can be *.example.com. This SSL certificate type could get installed for install.example.com, list.example.com, etcetera.

SSL-Certificates-Wildcard-SSL-Certificate-example-of-ancestry.com_.png

Multi-Domain SSL Certificates

Multi-Domain certificates can secure up to 100 different domain names and subdomains using a single certificate which helps save time and money. You have control of the Subject Alternative Name (SAN) field to add, change, and delete any of the SANs as needed. Domain Validated, Organization Validated, Extended Validated, and Wildcard SSL types are available as well. Here are some domain name examples that can gain security with just one Multi-Domain SSL certificate:

  • www.domain.com
  • www.domain.in
  • www.domain.org
  • domain.com
  • checkout.domain.com
  • mail.domain.com
  • secure.exampledomain.org
  • www.website.com
  • www.example.co.uk

SSL-Certificates-Multi-Domain-SSL-Certificate-of-digicert.com_.png

Unified Communications Certificates (UCC)

Unified Communications Certificates (UCC) are also considered Multi-domain SSL certificates. UCCs were initially designed to secure Microsoft Exchange and Live Communications servers. Today, any website owner can use these certificates to allow multiple domain names to get secured on a single certificate. UCC Certificates are organizationally validated and display a padlock on a browser. UCCs can be used as EV SSL certificates to give website visitors the highest assurance through the green address bar.

SSL-Certificates-Unified-Communications-Certificate-UCC-of-nike.com_.png

Conclusion

There is great importance to having SSL certificates securing websites. Giving website visitors confidence in their safety is key to having a successful website.

  • If a website has HTTP instead of HTTPS, the browser sends all the information as plain text to the webserver. If anyone is watching web traffic, they can see that information.
  • If the website has an SSL certificate installed and using HTTPS, the web traffic is encrypted. Encryption is of great importance for collecting any customer’s sensitive information.
  • Google has incentives for websites that have SSL certificates installed. Helping Google to rank your website higher should be at the top of your list.