Choosing the most appropriate and reasonably priced SSL (Secure Sockets Layer) certificate from a wide variety is something of a quandary, which prompted me to put together a classification of the most common types.
SSL certificates ensure that any sensitive information — passwords, credit card information, to name a few — is encrypted and therefore protected from malicious users. Additionally, some certificates guarantee company authentification because they cannot be obtained without a proper check of foundation documents.
Self-signed and CA-signed SSL certificates
Broadly speaking, as far as the price and trust are concerned we distinguish between
- self-signed SSL certificates;
- CA (Certificate Authorities)-signed SSL certificates.
You create self-signed certificates yourself free of charge, yet for a single domain name. However, most browsers do not recognize them immediately issuing a security alert and advising against using this website. They may be suitable internally provided you instruct your employees to disregard alert messages. Using them for public websites is out of question unless you want to lose the clients. To top it all, you gain dubious reputation as you have not been validated by the authorities.
By contrast, CA-singed certificates require prior validation and therefore come at a price and also possibly with compliance and compatibility issues. For example, as SSLShopper points out, if you use wildcard SSL certificates, you can end up having a mismatch error or incompatibility issues because some mobile device operating systems do not recognise these certificates at all.
Domain Validation and Extended Validation SSL certificates
By validation, there are two major types of the certificates:
- Domain Validation
- Extended Validation
If you need a certificate at short notice, the Domain Validation SSL certificate fits the bill because it is created automatically and in no time. You merely have to prove that you have a domain by replying to an email or phone call using the information from the Whois record. The drawback is that the company is not verified and thus has little credibility. It is is the cheapest type, though.
If you want your users to be assured of their safety on your website, go for the Extended Validation SSL certificate.To obtain it you have to provide the CA authorities with the following information to be verified:
- your company’s registration and activity;
- address and phone number;
- the right to use the domain;
- the person applying for the certificate is approved by the company;
- the company is not in any blacklist.
As it takes time to check this information, the certificate cannot be granted quickly. Their price is clearly higher as well.
These are only a few of many certificates that are currently on offer. They vary according to a number of domains and sub-domains they secure and level of authentification, hence to choose the right one you ought to know your needs precisely.