If you know anything about website security, you probably already know how important SSL is. Encrypting the link between your site and users’ browsers, SSL ensures private information stays private. But how do you decide which SSL type to buy? It seems like there are so many to choose from, so it’s understandable to be a bit confused.
Fortunately, we’re here to help. This article will outline the ins and outs of every SSL type on the market. Whether you want to buy an SSL certificate by Namecheap or another store, these SSL types will be the same across the board.
There are two main elements of SSL types: the number of domains and subdomains you have, and the level of validation you require for your website type. Let’s take a closer look at what this means.
Number of domains and subdomains
The first thing you should do when buying an SSL is simply count the number of domains and/or subdomains you have. You should also consider whether you want to create any more in the future. Once you do that, decide which of the following suits your needs:
- Single-domain SSL certificate: As the name indicates, this protects a single website.
- Multi-domain SSL certificate: This protects multiple domains — 3 to 100.
- Wildcard SSL certificate: The least self-explanatory of these, a Wildcard secures a single primary domain and unlimited single-level subdomains linked to it. For instance, if your site is example.com, then the subdomains should look like *.example.com. It will also automatically protect any subdomain you create later.
This element should be pretty simple to decide. People often find choosing a validation level a little trickier.
SSL Validation levels
Validation is essentially the verification of you or your company’s existence. Before a Certificate Authority (CA) gives you an SSL, they must perform background checks to determine whether the information you provided is accurate. The higher the validation level, the more information about your company will be included in your actual SSL certificate. The level of validation you should go for is up to you, but a good rule of thumb is that the more you ask a user to do on your site, the higher your validation level.
So, a static informational site likely doesn’t need a high validation level, but an e-commerce store does to give as much transparency as possible to a potential customer.
Without further ado, here are the three validation levels.
- Domain validation (DV): This is the most basic validation level. The CA will simply check that you have access to the site’s admin email. Minimal info is included in the SSL certificate.
- Organization validation (OV): Medium validation. The CA will make a few more checks, such as calling the company premises.
- Extended validation (EV): The most extensive validation level, the CA will perform more checks like cross-checking government records. Includes the most information about your company in the SSL itself.
So, how does this actually work in practice? If you have the previously mentioned static site, you would probably go for a single-domain DV certificate. An e-commerce store with several domains would likely choose a Multi-Domain EV certificate.
Hopefully, this article has given you a better idea of choosing the best SSL for your site!