Different Types of SSL Certificates Explained

SSL/TLS certificates are used to authenticate the identity of a website and create a secure connection between the web server and a browser. Depending on your needs, there are many different types of SSL certificate options available, all with their unique use cases and value propositions. The level of authentication assured by a Certificate Authority (CA) is a significant differentiator between the types. Each type of certificate requires specific information and documentation, and once that is received, a CA follows a set of Baseline Requirements to complete the certificate verification process before issuance.

There are three recognized categories of SSL certificate types:

• Extended Validation (EV)
• Organization Validation (OV)
• Domain Validation (DV)

Within these authentication types, there are also unique variations available to customers including single domain, multi-domain, and wildcard.

When determining which type of SSL is needed for a website, enterprises and individuals should start by choosing the main authentication type that adheres to their requirements. From there, they can opt for a specific package to meet the unique needs of their domain setup. Certain variations are better suited for businesses with a single domain vs multiple domains vs a single domain with several subdomains. Learn about each type below to find the most appropriate, cost-effective option for your needs.

SSL Certificate Authentication Types

The functionality of your website and how it’s being used will help determine the level of validation needed for your certificate.

What is a Domain Validation SSL Certificate?

Domain Validation (DV) SSL certificates provide the quickest, easiest, and most cost-effective way to receive industry-standard encryption. This validation type requires proof of ownership for the secured domain and is typically issued within minutes. Once installed, DV certificates show trust indicators in browsers like the padlock icon and the string https:// before the website domain. Because the legitimacy of the organization is not vetted, they are not recommended for business websites but are ideal for internal sites, test servers, and test domains.

The value propositions of DV SSL:

• Validates control of a domain
• Enables https and the padlock icon in browsers
• Issues within minutes

What is an Organization Validation SSL Certificate?

Organization Validation (OV) SSL certificates are a step up from DV. To receive one, an organization must prove domain ownership for the domain it wishes to secure and confirm that it is a legally registered business. Details including organization name, phone number, and location will be verified during this step. These can only be issued to a registered organization and not individuals, making them more suitable for public-facing websites, though still not ideal for websites that collect any type of sensitive information.

The value propositions of OV SSL:

• Validates control of the domain
• Enables https and the padlock image
• Authenticates the legitimacy of an organization, adding a level of trust
• Shows organization details in the certificate information
• Issues in 1-3 days after all required documents are received

What is an Extended Validation SSL Certificate?

Extended Validation (EV) SSL certificates provide the highest level of trust and are the industry standard for eCommerce websites. To receive one, website owners must meet the authentication requirements for an OV SSL but also go through a stricter vetting process performed by a human specialist.

The human part of the validation process can give consumers greater confidence in a site’s legitimacy and their online transaction process. This type is recommended for all business and enterprise websites, but is especially important for any site that requests personal information from users (eCommerce, financial, legal and otherwise). EV certificates provide the same padlock image trust indicator that the DV and OV types also provide, however, due to the lengthy validation process, the EV type also provides the best protection for customers as phishing sites would have a difficult time impersonating a legitimate company and getting validated with an EV certificate.

The value propositions of EV SSL:

• Validates control of the domain
• Enables https and the padlock image
• Authenticates the legitimacy of an organization, adding an additional level of trust
• Verifies the applicant has the right to request an EV SSL and is in good standing with the organization
• Shows organization details in the certificate information
• Issues in 1-5 days after all required documents are received

Variations of Certificates

Today's websites have multiple layers of pages, domains, and subdomains. Whether you need to secure a single domain with one subdomain, or 100 domains and their aligning subdomains, there are SSL variations that can handle any situation.

Single Domain SSL Certificates

A single domain SSL secures one domain, both the WWW and non-WWW versions. It can also secure a single subdomain, hostname, IP address, or mail server. This variation is available in DV, OV, and EV authentication options.

Beyond the single domain option, there are additional types designed for today's modern websites that apply the authentication type with feature sets to secure unique web environments.

Multi-Domain (MD) or Subject Alternative Names (SAN) SSL Certificates

Also commonly referred to as SAN certificates, multi-domain certificates allow a single certificate to secure multiple domains, including subdomains of a single main domain name or entirely different domain names. One of these can secure up to 250 unique domains with a single solution. They provide a convenient option for organizations that own a lot of domains and are looking for a simplified way to secure them through a single solution rather than purchasing an individual certificate for each. Multi-domain SSL certificates are available in DV, OV, and EV validation options.

Unified Communications (UCC) SSL Certificates

The Unified Communications certificate type is designed for the Microsoft Exchange and Microsoft Office Communication Server environments. This is a multi-domain option that can secure up to 100 domains.

Wildcard SSL Certificates

The Wildcard SSL option is used to secure the main domain and an unlimited number of subdomains under the main domain. For example, www.yourwebsite.com, login.yourwebsite.com, mail.yourwebsite.com, etc., would all be secured with one Wildcard certificate. This type offers full encryption for the subdomains, making it an affordable and effective solution for most websites. They are available in DV and OV validation options.

Sectigo is a leading CA and the #1 market leader in SSL certificates. See a comparison of our different types of SSL authentication levels and variations here, and if you need more information on choosing the right one for your website, contact Sectigo today.