What kind of ssl do i need

If you have a lot of sub-domains, or anticipate adding more in the future, you should consider a Wildcard Certificate because you can secure an unlimited number of sites directly under the domain. If you have only a few sub-domains, or if your sites contain different number of nodes in the domain name e.

May 19, Doug Beattie. Step 1 - Is Your Domain Registered? An internal name is a domain or IP address that is part of a private network, for example: Any server name with a non-public domain name suffix e. SSL for Internal Server Names So what can you do if you want to secure communications between your internal servers that use internal server names? Extended Validation EV Certificates EV Certificates include the most company data and companies must meet the highest, most stringent requirements of any type of SSL Certificate before receiving a certificate.

Example site secured with EV Certificate in Chrome Organization Validated OV Certificates OV Certificates also include business authentication, meaning information about your company is included, but, unlike EV Certificates, this information is not as prominently displayed.

Domain Validated DV Certificates DV Certificates are the most basic type of SSL Certificate, including the least amount of identity information in the certificate and only proving the website owner could demonstrate administrative control over the domain. Multiple Domains If you want to secure multiple domains e. Multiple Sub-Domains If you want to secure multiple sub-domains e. Here's the full infographic from the CASC. Share this Post.

CAs may require certain documents and contact personnel to ensure that OV certificates contain legitimate business information. This is the standard type of certificate required on a commercial or public-facing website. An example of an OV certificate in Chrome after clicking on the padlock :. With OV not only is the common name verified but also the country, state, city and organization.

EV certificates add additional validation steps and offer the highest level of authentication to safeguard your brand and protect your users. Over half of the top ecommerce sites use EV, according to data from Comscore and Netcraft.

They have found that switching from OV to EV certificates increases online transactions and improves customer confidence. But they are not just for ecommerce: EV certificates give your brand the highest level of assurance and validation to ensure users know exactly where — and to whom — encrypted data is being sent. EV certificates are used for account area logins, front-facing webpages and other sensitive areas.

Plus, it is extremely difficult to impersonate an EV-enabled site. Websites using EV certificates have virtually zero incidents of identity-spoofing attacks. Phishing attacks account for more than 80 percent of reported security incidents. Below is an example of an EV certificate in Chrome see examples of what EV certificates look like in each browser. Extended Validation goes beyond security. It has become the baseline for any reputable site that cares about security, brand and their clients.

EV makes a strong statement that your brand is committed to data security and offers the highest level of protection for your users. When a user visits a website that is secured with a self-signed, or free SSL certificate, most web browsers will post an error message.

The real problem lies in the fact that self-signed certificates are virtually unregulated. If your site is compromised, it may still appear secure; however, certificates issued by a trusted certificate authority can be revoked and therefore alert users of any potential threats. The only time a self-signed certificate should be used is when testing behind a firewall.

You can get around purchasing a certificate altogether if you use a company like PayPal to handle your transactions, as the PayPal site will secure the transaction on your behalf. Like any type of insurance, SSL certificates vary significantly in price based on the amount of warranty coverage they offer.

However, the warranty that you get when you purchase an SSL certificate can be misleading. It is not a warranty to the purchaser you but rather to the end users. In a nutshell, if a consumer suffers a monetary loss after making a purchase on a fraudulent website, the certificate authority is technically at fault for not displaying a browser warning and failing to protect the consumer.

In this situation, the warranty value would be paid out to the customer, given that the amount being disputed is less than the warranty itself. Take note, this practically never happens! If a user were to get scammed by a website, the first course of action they would likely take is to contact their credit card company.

However, in order to make good on the warranty, the end user would have to take note of which SSL provider the fraudulent website was using and contact them directly.

Single-name SSL certificates protect a single domain. For example, if you were to purchase a certificate for www. Wildcard certificates allow you to secure an unlimited number of subdomains that live off a singular root domain. For example, say you want to secure the domain www. This certificate would secure www. Wildcard certificates can easily pay for themselves over time, especially if you need to secure four-plus subdomains.

Multi-domain certificates can protect upwards of different domains with a single certificate depending on the provider you choose. This usually occurs with plugins, images and JavaScript snippets.