What Type of SSL Certificate Does Your Website Need?

Domain names, hosting and SSL Certificates – it’s all a bit confusing! What I can tell you straight off the bat is that it’s now an essential tool for both security and SEO to have an SSL certificate for your website, even if you’re not running an ecommerce store. In this post I’ll run through the different SSL certificate options and I’ll spare you as much jargon as I can!

Google issued a final warning for any websites not using HTTPS by October 2018 stating that it will display a warning for visitors. This will likely contribute to the bounce rate on your website causing visitors to leave your site before they even reach the home page and may also affect search rankings.

There’s many ways you can secure your website. HTTPS or SSL is a secure method of encrypting data that is transmitted between your computer and your website’s web server (or the website you are visiting). If your visitors are accessing your website from a public WiFi network, such as at an airport or hotel for example, their connection would be more open to an attack by someone hacking the connection between their device and your server. If your visitor’s data isn’t encrypted by SSL, the hacker could gain access to their billing, shipping and credit card information and even process payments on their behalf. Identity theft is a fairly common occurrence and not one to take lightly.

So I Need SSL, But What Type of SSL Certificate Should I Choose?

There are several options for SSL Certificates. The first option you should consider is Let’sEncrypt which is a free SSL Certificate that is easily installable via CPanel. This SSL Certificate won’t work with all internet browsers but will get the job done. For ecommerce sites you might want to go with a paid SSL Certificate to ensure it works with all browsers.

A good web host will provide Let’sEncrypt as a standard feature in CPanel and will also offer services to assist you in installing and configuring HTTPS for your website.

Speak to CODE Websites today about configuring HTTPS for your website.

Here’s a list of paid options:

#1 – Single Domain

Just like the name suggests, this type of certificate protects a single domain. It will work on one domain (www.mybusinessdomain.com), but won’t protect any subdomains you might have (like subdomain.mybusinessdomain.com).

This type of SSL Certificate is perfect for simple websites such as straightforward informational or brochure type sites. Effectively most B2B websites or ecommerce websites where all transactions occur on a single domain.

This type of certificate will set you back about $60 – $100 and you can usually get a good deal from GoDaddy.

#2 – Multi-Domain (SAN)

Again, the clue is in the name. Multi-Domain SSL Certificates cover a number of different domain names. If you have multiple domains to cover, this is a good choice. Your alternative is to purchase several single domain SSL’s which would be more costly.

By the way, “SAN” stands for Subject Alternative Names.

#3 – Wildcard

Wildcard SSL certificates cover all subdomains on a single root domain or host name. This allows you to cover your main domain name plus any subdomains you might have for that domain. For example:

www.mybusinessdomain.com – your main domain

clients.mybusinessdomain.com – subdomain #1

login.mybusinessdomain.com – subdomain #2

#4 – Organisation

This SSL Certificate is similar to the Single Domain but it adds further validation of the business. It requires a bit of admin work to validate ownership – you might have to have your business registered at a company registration facility such as Dunn & Bradstreet which is a bit of a pain. You really only need this if you want authoritative brand or company validation which will be displayed if a visitor clicks on the SSL Certificate information in the browser’s address bar. But – it’s not great for securing ecommerce websites.

#5 – Extended-Validation (“EV”)

This certificate comes with the highest level of security possible for HTTPS. These certificates verify the domain but also validate the organisation, similar to option #4. In some browsers you will also get a green address bar to signify the site is using EV which indicates a higher level of security and integrity.

Verification can be lengthy and similar to the hoops you’ll need to jump through for the Organisation certificate. I ordered one of these recently and it took about 3 weeks to validate. Fun!

If you’re looking for credibility and assured security, this is the certificate for you. It usually comes with a couple of subdomains with the option to add more in the future for a fee. However, it’s not that much different from the security provided by the other certificates.

Conclusion

You definitely want to have an SSL certificate installed on your website, regardless of what your website is used for. Let’sEncrypt’s free certificate is probably good for most websites right now. Single Domain and Multi-Domain are good options if you are running an ecommerce website. They go for around $60 – $100. GoDaddy is usually a good option in terms of price. Organisation and EV certificates are good if you want top-level security and business validity for your visitors.

If you’re running a WordPress website, an SSL certificate is fairly simple to install and configure.

Need an SSL certificate? Not sure which one is right for your website? Need help installing and configuring it? Let CODE Websites take care of that for you!