Are you confused about SSL?
While a little boring, businesses need to understand the different types of SSL certificates with internet security being such a hot button right now. So here goes…
There are three primary types: Domain Validated (DV), Organizationally Validated (OV) and Extended Validation (EV). There are also Wildcard and SAN (Subject Alternative Names) certificates.
- Domain Validated (DV) verifies ownership of the domain. It only verifies the registrant – normally handled via e-mail. You do get an https:// address but you won’t get a site seal. Typical guarantee is only about $10,000. This type validation can be handled quickly (within a few minutes).
- Organizationally Validated (OV) proves that you own the domain and your organization is legitimate. Typical guarantee is about $50,000 but can be as much as $1 million depending on provider and level purchased. This usually takes a couple days to complete. You will receive a site seal and an https:// address.
- Extended Validation (EV) has the more rigorous vetting process. This is your most secure way to go. This is available for business (incorporated or unincorporated) and government entities. This is not available for personal sites. Steps used to vet your business and provide a Certificate of Authority (CA):
- Your legal, physical and operational existence will be verified
- The provider will verify that your company identity matches official records
- Your exclusive right to use your domain is verified
- The provider will also verify that the issuance of n EV SSL was properly authorized
With an EV SSL, the Certificate of Authority (CA) will be audited yearly. This level of security gives you a green bar along with the https:// so that visitor will immediately know that the site is secure. This typically takes about a week to complete. The guarantee with an EV is usually $1 million.
So now that we understand the three levels of security, we need to look at Wildcard and SAN certificates.
- Wildcard certificates are usually an OV type certificate. This protects multiple subdomains (*.domain.com) with just one SSL. For example: mail.mydomain.com, legal.mydomain.com, etc. This typically carries a $1 million guarantee. This will take a few days but can be expedited to 1 day (for a fee of course).
- SAN (Subject Alternative Names) certificates are used for multiple domains. While this varies by vendor, most provide these for up to 100 different domains, subdomains and public IP addresses. Fees are calculated based on the number of domains covered. A SAN certificate uses only 1 SSL and requires only 1 IP address to host the certificate. The SSL can be OV or EV type certificates.
There is more in depth information out there but this should help most business make a decision. Pricing is different depending on the vendor providing the SSL so it makes sense to shop around.