7 different types of SSL certificates explained
Learn about the different types of SSL certificates: extended validated (EV), organization validated (OV) and domain validated (DV). See use cases, variations, and more.
Table of Contents
SSL/TLS certificates are used to authenticate the identity of a website and create a secure connection between the web server and a web browser. Depending on your needs, there are many different types of SSL (Secure Sockets Layer) / TLS (Transport Layer Security certificate options available, all with their unique use cases and value propositions. The level of authentication assured by a Certificate Authority (CA) is a significant differentiator between the types. Each type of certificate requires specific information and documentation, and once that is received, a CA follows a set of Baseline Requirements to complete the certificate verification process before issuance.
There are three recognized types of SSL certificates, based on their validation level:
- Extended Validation (EV)
- Organization Validation (OV)
- Domain Validation (DV)
Within these authentication types, there are different variations available:
- Single domain
- Multi-Domain (MD), also known as Subject Alternative Names (SAN)
- Wildcard
- Unified Communications
When determining which type of SSL is needed for a website, enterprises and individuals should start by choosing the main authentication type that adheres to their website security requirements. From there, they can opt for a specific package to meet the unique needs of their domain setup. Certain variations are better suited for businesses with a single domain vs multiple domains vs a single domain with several subdomains. Learn about each type below to find the most appropriate, cost-effective option for your needs.
SSL certificate authentication types
The functionality of your website and how it’s being used will help determine the level of validation needed for your certificate.
Domain validation SSL certificate
Domain Validation (DV) SSL certificates provide the quickest, easiest, and most cost-effective way to receive industry-standard encryption. This validation type requires proof of ownership for the secured domain and is typically issued within minutes.
Once installed, DV certificates show trust indicators in browsers like the padlock icon and the string https:// before the website domain in the address bar.
Benefits of DV SSL:
- Validates control of a domain
- Enables https and the padlock icon in browsers
- Issues within minutes
Use cases
Since the legitimacy of the organization is not vetted, DV SSL certificates work best on websites that don’t collect any personal data or credit card transactions. Common use cases are blogs and personal websites. They can also be ideal for internal sites, test servers, and test domains.
Organization validation SSL certificate
Organization Validation (OV) SSL certificates are a step up from DV in terms of validation level. To receive one, an organization must prove domain ownership for the domain it wishes to secure and confirm that it is a legally registered business. Details including organization name, phone number, and location will be verified during this step.
Benefits of OV SSL:
- Validates control of the domain
- Enables https and the padlock image
- Authenticates the legitimacy of an organization, adding a level of trust
- Shows organization details in the certificate information
- Issues in 1-3 days after all required documents are received
Use cases
Since OV SSL certificates can only be issued to a registered organization and not individuals, this makes them more suitable for commercial and public-facing websites, though still not ideal for websites that collect any type of sensitive information.
Extended validation SSL certificate
Extended Validation (EV) SSL certificates provide the highest level of trust and are the industry standard for eCommerce websites. To receive one, website owners must meet the authentication requirements for an OV SSL but also go through a stricter vetting process performed by a human specialist.
The human part of the validation process can give consumers greater confidence in a site’s legitimacy and their online transaction process.
EV certificates provide the same padlock image trust indicator that the DV and OV types also provide, however, due to the lengthy validation process, the EV type also provides the best protection for customers as phishing sites would have a difficult time impersonating a legitimate company and getting validated with an EV certificate.
Benefits of EV SSL:
- Validates control of the domain
- Enables https and the padlock image
- Authenticates the legitimacy of an organization, adding an additional level of trust
- Verifies the applicant has the right to request an EV SSL and is in good standing with the organization
- Shows organization details in the certificate information
- Issues in 1-5 days after all required documents are received
Use cases
EV SSL certificates are recommended for all business and enterprise websites but are especially important for any site that requests personal information from users (eCommerce, financial, legal and otherwise).
Other SSL certificate variations
Today's websites have multiple layers of pages, domains, and subdomains. Whether you need to secure a single domain with one subdomain, or 100 domains and their aligning subdomains, there are SSL variations that can handle any situation
Single domain SSL certificates
A single domain SSL secures one domain, both the WWW and non-WWW versions. It can also secure a single subdomain, hostname, IP address, or mail server. This variation is available in DV, OV, and EV authentication options.
Multi-Domain (MD) or Subject Alternative Names (SAN) SSL certificates
Also commonly referred to as SAN certificates, multi-domain certificates allow a single certificate to secure multiple domains, including subdomains of a single main domain name or entirely different domain names. One of these can secure up to 250 unique domains with a single solution. They provide a convenient option for organizations that own a lot of domains and are looking for a simplified way to secure them through a single solution rather than purchasing an individual certificate for each. Multi-domain SSL certificates are available in DV, OV, and EV validation options.
Multi-Domain SSL Certificates Secure Multiple Domains
Wildcard SSL certificates
The Wildcard SSL option is used to secure the main domain and an unlimited number of subdomains under the main domain. For example, www.yourwebsite.com, login.yourwebsite.com, mail.yourwebsite.com, etc., would all be secured with one Wildcard certificate. This type offers full encryption for the subdomains, making it an affordable and effective solution for most websites. They are available in DV and OV validation options.
Wildcard SSL certificates are available in DV and OV validation options.
Wildcard SSL Certificates Secure the Main Domain & Unlimited Sub-Domains
Unified communications (UCC) SSL certificates
The Unified Communications certificate type is designed for the Microsoft Exchange and Microsoft Office Communication Server environments. This is a multi-domain option that can secure up to 100 domains.
Finding the right SSL certificate provider
Sectigo is a leading CA and the #1 market leader in SSL certificates. See a comparison of our different types of SSL authentication levels and variations here, and if you need more information on choosing the right one for your website, contact Sectigo today.