A SSL Certificate Shopper’s Guide

Safe Web SurfingSSL security (and how to add it to your website) can be mystifying for even the most tech-savvy website owner. My last post about website security and SSL really hit a nerve! I received so many questions about it, I thought I’d put together a SSL “shopper’s guide”. With the increased awareness and demand for securing websites, I began gathering sources and specifications so that I can guide clients to the right SSL product for the job, at the best price.

While all SSL certificates will encrypt your site traffic and deliver your website in “https://…”, there are features and specifics you need to be aware of when selecting a SSL certificate product. As there are a lot of options to choose from, knowing what to look for can save you significant money.

First, what is your goal with purchasing a SSL certificate? Is it simply to avoid the future “red triangle” warning? Is it to help build trust with your site visitors? Or, is it to help convert prospects to customers? Those questions need to be considered carefully before investing in a SSL certificate for your site.

When shopping, keep in mind there are three basic certificate types: Domain Validation (DV), Organizational Validation (OV), and Extended Validation (EV). The type is very important, as the certificate type is the main driver of the features, price and renewal terms.

While all commercially available certificates use the same level of encryption (256-bit), the selected certificate type provides the level of authentication. Authentication is simply the amount of vetting the certificate authority does to verify that the site is owned and controlled by who it says it is. Simply put, the certificate authority (CA) checks you out before granting you the certificate. For this reason, OV and EV certificates can take 2 to 10 days to issue, and generally cost more, as there’s more vetting involved.

Domain Validation (DV): The simplest, fastest and lowest-cost option. Domain validation is exactly as the name implies, a simple check that you own and control the domain name to be secured. DV-type certificates can be issued in just a few minutes. For the majority of information-only websites, this option is all you need.

Organizational Validation (OV): Sometimes referred to as “high assurance” certificates, a check is performed by the CA to confirm that you not only own your domain name but also that your organization is a registered entity (with your state for example). Because of this extra check, these certs take a few days to issue.

EV Certificate
Example of a website with an Extended Validation (EV) certificate active

Extended Validation (EV): If you’ve ever noticed the green browser address bar that contains the company name, you’re looking at a site with an EV SSL certificate (example shown in the graphic above). This certificate type has the most vetting and can take up to 10 days to issue.

The advantage of EV certificates is that they visually build trust with your visitors with the company name embedded in green within the browser bar, along with a dynamic, branded seal that you can display on your site. EV certificates cost more, but if you have an ecommerce site, or deal with sensitive information, the investment may be well worth it, as it’s likely to build maximum trust with your audience and better sales.

For more information, check out my SSL Certificate page that includes some selected products for each certificate type.

Scroll to Top