SSL Certificates

Green padlock icon

SSL Certificates are typically deployed to add security to pages where end-users are expected to submit highly confidential data. Examples include payment forms (which require the user to submit credit cards details), account login pages (where the user must enter their username and password) and secure services like internet banking and online email (where complete privacy is required). However, SSL certificates are certainly not restricted to sensitive pages and can be used to add security throughout a website. Indeed, Google is encouraging website owners to deploy SSL on all pages by giving better search ranking to HTTPS pages.

routeToWeb now offers a free DV certificate with all website hosting, although some site owners prefer to use EV or OV certificates as they go through a rigorous validation process as therefore there is a cost to these type of certificates.

When a webpage uses an SSL certificate to secure a connection, the beginning of the URL will change from http to https, with the ‘s‘ standing for ‘secure’. Users will also see a padlock and, in the case of extended validation certificates, the entire address bar will turn green.

SSL certificates are issued to websites by a trusted third party known as a ‘Certificate Authority’ (CA) and are available in a variety of types and validation levels:

All SSL certificates are a combination of a particular Validation Level + Type (as shown above). There are certain exceptions though. For example, you cannot purchase a wildcard version of an Extended Validation certificate as these are not permitted by the guidelines which govern the issuance of EV certificates.

The rest of this page provides a quick overview of the validation levels and certificate types discussed above.

Certificate Validation Levels

Extended Validation Certificates

EV certificates provide the highest levels of security, trust and customer conversion for online businesses. EV certificates are issued only after the issuing CA has conducted rigorous background checks on the company according to the guidelines laid out by the Certificate Authority/Browser (CA/B) Forum. Because of this, EV certificates contain a unique differentiator designed to clearly communicate the trustworthiness of the website to its visitors. Whenever somebody visits a website that uses an EV certificate, the address bar will turn green in major browsers such as Internet Explorer, Firefox and Chrome. EV certificates are used by all major online retailers and banks and are highly recommended for businesses that wish to immediately build customer trust in their site.

Organization Validated Certificates

OV certificates include full business and company validation from a certificate authority using their established and accepted manual vetting processes. Each OV certificate contains full company name and address details, which means they provide significantly higher levels of assurance to end-users than Domain Validated certificates. However, because they are not validated to the CA/B forum standards, they do not possess the ability to turn the browser address bar green.

Domain Validated Certificates

DV certificates provide the same high levels of data encryption as the other validation levels but do not provide assurance about the identity of the business behind the website. Whereas EV and OV certificates are only issued after the applicant organization has been manually vetted by a certificate authority, DV certs are issued after domain control has been established using an automated, online process. DV certs are a popular choice amongst small-medium sized web sites because of their faster issuance times and lower price points.

This is the type of certificate offered FREE by routeToWeb when you use our servers to host your website.

Certificate Types

Single Domain Certificates

A single domain certificate allows a customer to secure one Fully Qualified Domain Name on a single certificate. For example, a certificate purchased for www.domain.com will allow customers to secure any and all pages on www.domain.com/. Single domain certificates are available in DV, OV and EV variants at a variety of price points and warranty levels. The straightforward nature of the single domain certificate makes it ideal for small to medium sized businesses managing a limited number of websites. However, businesses that operate or anticipate operating multiple websites may benefit from the added flexibility, convenience and savings offered by wildcard or multi-domain certificates.

Wildcard SSL Certificate

A Wildcard certificates allows businesses to secure a single domain and unlimited sub-domains of that domain. For example, a wildcard certificate for ‘*.domain.com’ could also be used to secure ‘payments.domain.com’, ‘login.domain.com, ‘anything-else.domain.com’ etc. A wildcard certificate will automatically secure any sub-domains that a business adds in the future. They also help simplify management processes by reducing the number of certificates that need to be tracked. For growing online businesses, Wildcard certificates provide a flexible, cost effective alternative to multiple single certificate purchases.

We have used this type of certificate to secure stage sites running under the full domain.

Multi Domain SSL Certificate (MDC)

As the name suggests, a Multi-Domain certificate allows website owners to secure multiple, distinct domains on a one certificate. For example, a single MDC can be used to secure domain-1.com, domain-2.com, domain-3.co.uk, domain-4.net and so on. Indeed, an MDC will allow you to secure up to 100 different domains (or wildcard domains) on a single certificate. Customers can easily add or remove domains at any time. This simplifies SSL management because administrators need only keep track of a single certificate with a unified expiry date for all domains instead of keeping tabs on multiple certificates. In addition, MDCs usually represent a cost saving over the price of individual certificates.

Unified Communications Certificate (UCC)

Unified Communications Certificates are specifically designed to secure Microsoft® Exchange and Office Communications environments. UC certificates use the Subject Alternative Name (SAN) field to allow customers to include up to 100 domains on a single certificate – eliminating the need for different IP addresses per website that would be required otherwise. UC Certificates also support the Microsoft Exchange Autodiscover service, a powerful feature which greatly eases client administration. As with MDCs, a single UCC can greatly reduce SSL management duties while allowing customers to realize cost savings over individual purchases.

Ref: https://www.instantssl.com/ssl-faqs/types-of-ssl-certificate.html [active link removed as the page no-longer exists]