Understanding Different Types of SSL Certificates

To most users – including myself, I thought until very recently that every SSL certificate was the same. As long as I see a padlock icon on the address bar, the site is secured. When I had to get a certificate issued for my online store, I still thought that all SSL certificates are the same. I couldn’t be more wrong. There are actually three types – or levels – of SSL certificates, and we are going to take a closer look at them in this post.

Understanding Different Types of SSL Certificates

Domain SSL Certificate

The first and often the easiest SSL certificate to get is domain-level SSL certificate. As the name suggests, the certificate is made to validate your domain name and your right – as the domain owner – to use that particular domain name.

Getting a domain SSL certificate is fairly easy. You can now get one for free through the Let’s Encrypt program. All you have to do is use the correct client for the process and have a valid domain name in hand. The process takes no more than a few minutes. At the end of that process, you will have a domain-level SSL certificate issued and ready for use.

Domain SSL certificate validates nothing more than the fact that you own the domain name, and that you have complete rights to use that domain name online. You are not required to submit any documentations at all. The certificate authority will only check your data against the domain name in question.

Although you will still get that padlock icon once the certificate is set up properly, you will not get the same level of protection as other, higher SSL certificate levels. For example, there is no information displayed when the icon is clicked; the certification will only show the standard Secure Site Seal and encryption information.

Organisation SSL Certificate

The second type of SSL certificate is known as organisation SSL certificate. To get one, you will have to complete the Organisation Validation process. This includes submitting information about domain ownership, details about your company or organisation and other information that might be needed to validate your company.

The validated information will be showed in your SSL certificate. When customers click on the padlock icon, information on the company will appear alongside the Secure Site Seal. This gives customers extra confidence to submit information or make purchases on the secured site.

To get an Organisation SSL Certificate, you will have to prepare certain documents, including:

  • Company registration documents. The certificate authority will contact your company’s registration authority to validate those documents and make sure you are a legal entity recognised by the law
  • Business license or certificate of incorporation is accepted for companies and commercial entities
  • Sales and use tax documents
  • Trade name registration form
  • Corporate annual report

You may even be asked to submit more than one supporting document for the SSL certificate to be issued. Unlike Domain Validation, Organisation Validation can take up to 3 business days to process.

Multi-Domain SSL Certificate

Multi-domain SSL certificates, also known as SAN (Subject Alternative Names) certificates, are slightly different than the previous types we discussed. Whilst the two types of SSL certificates we discussed earlier are only valid for a single domain name, SAN certificates are used to secure multiple domain names across the same server.

The SSL certificate is issued on a per-server basis. All domain names hosted on the same physical server can be secured using the same SSL certificate. Some newer SAN certificates even support the use of multiple servers, as long as you register the domain names you want to protect.

The standard SAN certificate comes with the ability to secure 4 domain names. This includes variations and subdomain names. For example, www.yourdomain.com and store.yourdomain.com are considered as two domain names. If you want to secure more than 4 domain names, you can add additional domain at a cost.

For those running multiple websites on different hosting services or servers, a SAN certificate is very handy indeed. Instead of buying individual certificate for each domain name, you can now manage them all using a single certificate. You can also save a lot of money by using SAN certificates, since the cost of securing each domain will be lower.

Which certificate is for you?

The standard domain-level SSL certificate is great for personal users, mainly bloggers or those of you who run a personal website. It can also be used for small and home businesses. Most web hosting companies offer SSL certificates as part of their product list such as this one and as you can see they come in a range of options.

Business websites should definitely use Organisation SSL certificate. It will show more information about the company behind the website, which means customers can make purchases and submit their personal information with confidence.

For companies who run multiple websites, opting for the SAN certificate is the obvious choice. The amount of money that can be saved is too good to miss.