Michael O.
3min Read

Which SSL certificate?

Which SSL certificate?

The assortment of SSL certificates available may be confusing and could result in purchasing more (or less) than we need. Using a few questions, we can quickly arrive at a correct decision.

Is your website for personal or business use?

This hinges on what you want your website visitor to see. Is a valid HTTPS in the address enough. Do you need your site visitors to see that the SSL certificate belongs to a verified business?

All SSL sites with a valid SSL certificate display https in the address bar. The Extended Validation (EV) SSL certificates also display another indicator. This is usually a green address bar. It helps validate that the organization is legally and physically verified according to certain fixed industry standards.


The regular or Domain-Validated SSL certificate

This is also known as a low-assurance certificate. Automated validation ensures that the domain name is registered and that an administrator approves the request. The webmaster must either confirm via email or configure a DNS record for the site to complete the validation.

This is usually the cheapest option and is fine to improve search engine ranking. It is a fully validated certificate. Recommended for non-commercial websites and internal sites that need some encryption.


The Organization-Validated SSL certificate

Known as a high assurance certificate. It requires real people to validate the domain ownership as well as organization information such as name, city, state and country.

It is similar to the low-assurance certificate but needs additional documentation to establish and verify company identity. This is the certificate for most businesses that do not need extended insurance or super encryption levels.


The Extended-Validation(EV) SSL certificate

This SSL certificate is a digital certificate issued in conformance with the extended validation guidelines. The CA/Browser Forum defines these guidelines.

Extended Validation (EV) SSL certificates will tighten the security of Internet transactions. Certificate requestors are subject to a thorough, standardized vetting process which all issuing Certification Authorities (CAs) must adhere to.

Companies whose Internet domains are considered at a high risk are considered good candidates for Extended Validation SSL certificates. Phishing schemes and other types of Internet fraud often target these domains

They also lend the most credibility to your website by bringing your business’s verified identity to the front – clearly displaying your company’s name in a green address bar.


Single, Wildcard and Multi-domain SSL certificates

The single domain certificate protects only the domain it was purchased for. Most will protect the root domain (mydomain.co.ke) and ONE sub-domain (ie www.mydomain.co.ke).

If you need more sub-domains secured (ie mail.mydomain.co.ke, ftp.mydomain.co.ke, intranet.mydomain.co.ke) then you need a wildcard SSL certificate.

The wildcard certificate allows you to secure unlimited sub-domains. It also costs more than the single domain certificate.

The last type is the multi-domain certificate. This certificate secures multiple domains. A single organization is normally associated with these domains. All three (single, wildcard and multi-) are usually available as low- high- or extended-validation certificates.

Happy Hosting!


The Author

Michael O.

Michael is the founder, managing director, and CEO of HOSTAFRICA. He studied at Friedrich Schiller University Jena and was inspired by Cape Town's beauty to bring his German expertise to Africa. Before HOSTAFRICA, Michael was the Managing Director of Deutsche Börse Cloud Exchange AG, one of Germany's largest virtual server providers.

More posts from Michael