How to choose right SSL certificate for your site?


These days, most visitors while visiting websites are increasingly mindful of searching the padlock icon in the URL bar.

This is because they know that if the padlock is visible on the browser, the site has an installed SSL certificate and thus, one can securely submit confidential information like credit card details, contact number, passwords, payment details and more to the site.

Browsers alert users that a site is without a valid SSL certificate by warning about out of date, misconfigured or missing certificates. Like Google flags websites that are not secure i.e. are unencrypted sites. These unencrypted sites are marked in red in the URL over the padlock to warn users that the site is not secure.

Users then have the choice of continuing to the site or leave.

SSL certificates are issued to the websites by a trusted third party known as a ‘Certificate Authority’ (CA) and are available in a variety of types and validation levels. But, before we dive into the types of SSL certificates, let us discuss what is an SSL certificate and why you need an SSL certificate?

What is an SSL certificate?

Secure socket layer (SSL) certification is used to set up a secure connection between your website and your visitor’s browser.

This process of setting up an encrypted and secure connection is known as SSL handshake- a key that encrypts and decrypts the data, leading to secure data transmission between a web server and a web browser.

These certificates are usually installed on web pages that request sensitive information from users, such as payment details or a password.

Do I need an SSL certificate for my website?

If you want to prove your identity and legitimacy to your website visitors, then you definitely need to add an SSL certificate to your website. SSL security is mainly used to keep users’ information safe.  So, they are must for web pages if,

  • You’re selling something online (you are taking credit card, social security numbers and any other personal data during order process).
  • You are allowing users to create accounts with your company.
  • Your website is facilitating login and registration options.
  • You are accepting users’ information, documents and photos via form(s).
  • You provide secure services like internet banking and online email (where complete privacy is required).

Comodo Certificates, Key Sizes and Online Trust – an overview
SSL certificates issued by Comodo are the most affordable SSL certificates for an online business. Apart from being low cost, Comodo provides high-level 2048-bit encryption and 99.9% browser compatibility and ensures immediate validation and issuance.

Comodo is used by 17.5% of all the websites, and have a market share of 36.2% (W3 Techs)

Comodo SSL certificates come with highest security levels and great value-added package. They secure your site or server with full 128/256-bit encryption.

Comodo’s root certificates can be embedded in all major browsers and devices and are trusted by 99.9% of the Internet population.

How to choose right SSL certificate for your site?

Below we will discuss different types of SSL certificates and how you can choose the right SSL certificate for your site.

Types of SSL Certificates:

Comodo offers a comprehensive range of 2048-bit certificates which cover a full spectrum of enterprise business needs –  single domain, multi-domain, wildcard, Organizational Validation (OV) and Extended Validation (EV) certificates.

 1. Extended Validation (EV) SSL Certificate

EV certificate is the hallmark of the highest level of security and trust as the companies which deploy it have to go through rigorous background checks and stringent vetting process to get this validation.

This certificate when installed on a website, turns address bar of the major browsers green, which assures visitors of the website that it is safe to conduct online transactions with it.

Comodo’s Extended Validation SSL certificate is the most cost-effective and efficient means of adding EV security to a website.

Benefits and Features of EV SSL certificates:

  •  They are designed to clearly communicate the trustworthiness of the website to its visitors- green address bar boosts customer confidence.
  • EV helps reduce visitor abandonment and improves customer conversions. You get higher revenue per transaction and higher lifetime customer value.
  • Indicates your website has passed the same security checks as the other major websites.
  • With a Comodo EV certificate, you get a set of tools that instantly win the trust of your customers and convert more sales.
  • Highest SSL security levels – 2048-bit digital signatures throughout entire certificate chain and up to 256-bit encryption as standard.

2. Organization Validated (OV) SSL Certificate

An Organization Validation SSL certificate also ensures high level of security and trust. Each OV SSL certificate includes validation of complete business details- name, address, domain name and other information of the company or business. It provides instant identity assurance and strong encryption.

However, OV SSL certificate does not possess the ability to turn the browser address bar green. Instead, it displays the padlock and HTTPS in a green color which informs the visitor that the online business or website is validated and is safe to proceed with any type of transactions.

3. Domain Validated (DV) SSL certificates

No doubt, Domain validated SSL certificate provides the same high level of data encryption as the other validation levels but it does not authenticate or validate the business identity, behind the website.

Note: When you buy https certificate, make sure the certificate type you require is signed by a Certificate Authority with a 2048-bit root as if it is less than 2048 bit in length, then it could be vulnerable to attack.

4. Single Domain SSL Certificates

This single domain SSL certificate allows a customer to secure one subdomain (completely Qualified Domain Name) on one single certificate. For example, when you purchase a SSL certificate for www(dot)example(dot)com it will allow customers to secure any and all pages on www(dot)example(dot)com/, but it won’t apply to mai(ldot)example(dot)com.

It provides protection against data theft and bolsters your overall security.

You can use single domain SSL Certificates to secure: one domain (both www & non-www variations), individual sub-domain, hostname, IP address and mail server.

5.  Wildcard SSL Certificate

A Comodo Wildcard SSL certificate allows businesses to secure one single domain and its multiple sub-domains. For example, a wildcard certificate for ‘*.example(dot)com’ could also be used to secure ‘payments(dot)example(dot)com’,’login(dot)example(dot)com’, etc. but it won’t secure ‘article(dot)shop(dot)example(dot)com’.

When you add any subdomain to your website, a wildcard certificate will automatically secure that or many, in the future.

A lot of people ask us – why are wildcard SSL certifications a lot more expensive than single domain SSL certificates?

So, answering it here. A wildcard SSL certificate allows companies to secure unlimited sub-domains on a single certificate. So, although a single wildcard SSL may be costlier than a single domain SSL certificate, but, when we compare the complete scenario, a wildcard SSL proves to be overall cost-effective when compared to buying multiple single SSL certificates.

They also reduce the number of certificates that need to be tracked.

Thus, Wildcard SSL certificate provides a very cost-effective alternative to buying many single domain SSL certificates and help simplify the certificate management process.

6.  Multi-Domain SSL Certificate (MDC): 

A Multi-Domain SSL certificate allows business website owners to secure multiple domains on one certificate and add or remove domains at any time. It enables them to keep track of a single certificate with a unified expiry date for all the domains, instead of keeping tabs on multiple certificates.

 7. Unified Communications Certificate (UCC):

Unified Communications Certificates are exclusively crafted to secure Microsoft® Exchange and Office Communications’ environments. With a UC certificate, customers can secure 100 domains using a single certificate. UC uses SAN for this purpose.

Why does an SSL certificate cost money?

Different browsers trust slightly different sets of authorities, so companies recognized by most browsers have a competitive advantage. The certificate that’s signed by a non-approved CA brings up a scary warning that the site shouldn’t be trusted.

People who buy SSL certificates usually need their users’ trust, so they do not want to opt for a certificate that generates warning for their site. So, one pays the price for availing encryption as well as authentication as the price for an SSL certificate.

If you have any query about securing your site with SSL certificates, do let me know through comments. I will be happy to help.