How to Pick the Right SSL Certificate For Your Website

By Mohit Tater | Technology

Mar 20
How to Pick the Right SSL Certificate For Your Website

Secure Sockets Layer (SSL) is a security method by which data being transferred over servers gets encrypted such that the website’s vulnerability to hacker attacks and phishing is reduced considerably. When people access a SSL-secured website, they feel confident that their sensitive data (credit card number, address, phone number, social security number, etc.) is secure and will not be hijacked by unscrupulous websites.

encryption

Image by Tumisu via Pixabay

1. Why to Get SSL?

Although getting SSL certification is not mandatory for all websites, the benefits you and your end users get from SSL are many.

  • SSL certification can build customer’s trust on your website
  • Your website becomes less vulnerable to hackers as all its data is encrypted
  • SSL certificates can protect your website against phishing schemes
  • Some SSL certifications add HTTPS in your URL that may get your site to rank higher in Google than HTTP sites.
  • Warranty in SSL certificate covers damages incurred to end users who experience fraudulent, unsecured websites. We’ll talk about warranty a bit later.
  • SSL certification is a mandatory requirement for all websites in the ambit of Payment Card Industry (PCI)

2. Types of SSL Certificates

There are many types of SSL certificates available, each with differing levels of protection and usage. To objectively compare the types and vendors of SSL, you need to understand the finer differences between them.

key data

Image by Geralt via Pixabay

a. Types of certificates based on level of protection

  • ​A domain-validated SSL certificate

This is a low assurance certificate and the most basic, standard type of certificate issued. A domain-validated SSL ensures that the website’s domain name is registered. Additional documentation is required to obtain this certification. An administrator needs to approve the validation request. A webmaster must confirm validation via email or configure a DNS record for the site.

Processing time: A few minutes to a few hours

Recommended for: Use on internal systems only

Level of Protection: LOW

  • An organization-validated certificate

This is a high assurance certificate. Real agents will validate domain ownership and confirm the organization’s details such as name, city, state, and country. Just like domain-validated SSL, this certification requires additional documentation to verify the company’s identity.

Processing time: A few hours to a few days

Recommended for: All businesses and companies

Level of Protection: MEDIUM

  • An Extended Validation (EV) certificate

EV certificate procurement has the most rigorous validation process. This certificate validates that the business running the website is a legal entity. It requires businesses to furnish information such as proof of domain ownership. The other two certificates DO NOT prove that a website is being operated by a legitimate, verified business. On getting EV certificate, your website browser will display a green lock symbol to signify its validity. Check out our website’s address bar.

mixeron

Processing time: A few days to a few weeks

Recommended for: All e-Commerce websites

Level of Protection: HIGH

EV certificates are absolutely essential for websites soliciting sensitive information from users such as their card details, SSN details, and contact details.

b. Types of SSL certificates based on usage

  • Single-name SSL certificate

These SSL certificates protect a single domain for which they are registered. For example, if you purchase a certificate for www.mixeron.com, the certificate won’t secure marketing.mixeron.com or services.mixeron.com.

  • Wildcard SSL certificate

These SSL certificates can secure a large number of domains that feed off a singular root domain, by a single certificate. In the example above, if you want to secure marketing.mixeron.com, services.mixeron.com, www.mixeron.com and more offshoots of Mixeron, you can apply for a wildcard SSL certificate for *.mixeron.com.

From a practical viewpoint, it’s easier to maintain a single wildcard SSL than 7 different single-name SSLs.

  • Multi-domain SSL certificate

Multi-domain SSLs can secure 210 plus domains with a single certificate. The cap limit varies by providers.

3. What about Free SSL certificates? 

Many website makers try to get around paying for SSL certificate by opting for a free certificate. This strategy has more cons than pros. Free certificates or self-validated SSL certificates do not offer any kind of reassurance to visitors. When people try to access such websites, most web browsers will issue an error message that reads- “This connection is unsecure.” While many people would still proceed by clicking “I understand the risks”, many would click “Get me out of here” and never return or recommend your website.

ssl certificate

Free SSL certificates are virtually unregulated. Even if your website is compromised, it will appear secure and invite visitors. On the other hand, if you purchase certificate from a trusted vendor, you can revoke the certification and alert users of potential threats, thereby avoiding disputes later.

4. What is SSL certificate warranty? How much warranty do you need?

Warranty of a SSL certificate plays an important role in your final certificate purchase decision. Just like all insurances, SSL certificates also come with a warranty period and conditions. A point to note is that SSL warranties protect end users for damages incurred on an unsecure website, not the warranty purchaser!

For example, an online shopper suffered monetary loss the SSL provider should pay compensation to the shopper since they failed to alert users that the website is not secure. But this happens rarely since most users approach their credit card company or the website’s customer care instead of claiming damages from the SSL provider.  

5. How to choose the right SSL certificate?

Picking the right SSL certificate and vendor is challenging as many providers bundle up extras making purchasers lose objectivity. Typically, buying SSL from third party reseller comes out cheapest; just examine the type of customer assistance you’ll get after purchase. If you plan to continue association with the same SSL provider for a long period, you can hope for a good discount if you pay multi-year fees upfront.

matrix binary security

Image by Geralt via Pixabay

These questions can help you compare SSL prices and make a prudent buying decision:

  • What type of property do you wish to secure (domain, sub-domain, etc.)?
  • What is the number of properties you want to protect (Single, wildcard, or multiple)?
  • What is the level of protection you want (low, medium, or high)?
  • Do you conduct monetary transactions on your website using trusted third parties such as PayPal? If so, you don’t really need to purchase SSL as PayPal will secure transactions on your behalf.

Getting SSL certificate for your website is a smart move to cultivate visitor trust and make your website safe from data breach. But extreme caution needs to be exercised when applying for SSL. Your SSL can be invalidated for a number of reasons- if you serve mixed content (HTTP+HTTPS); have a domain name mismatch; miss purchasing intermediate/chain certificates; install more than one SSL on the same IP or socket number; or not renew SSL 90 days before its expiration.

Stay tuned for more informative articles on website design and marketing best practices.

About the Author

Mohit Tater is the founder and CEO of BlackBook Investments through which he helps people invest in online businesses and digital assets. Apart from advising clients on SEO and marketing he also blogs at mohittater.com.

Leave a Comment:

Leave a Comment: