Everybody knows that the internet is constantly changing and in particular, Google is always changing. Especially lately as the trend toward more security and more privacy has become a high priority with HTTPS becoming a standard feature on all websites. It is now more important than ever that you or your site admin gets an SSL Certificate from a registered authority for your website.
There are several Certified Authorities offering certificates and it is important that you pick the right one for your website. In this article we will talk about the various certificates that are available and compare them so that you can get a good idea of what will fill your needs.
Additionally, there are several factors that you need to take into account when choosing a Certificate Authority, as they are not all the same.
- Domain Validation or DV-Only the domain name is verified for legitimacy. The root domain and sub-domain can be included on one certificate.
- Extended Validation or EV- You can identify this type because the browser address bar is green in color vs. only the https text. Not only is the domain verified for legitimacy but the business/organization’s legal status is as well.
- Unified Communications or UC-This is used for encrypting connections for email or other types of software used for communication. Multiple domains can be included and it is also a type of SAN certificate.
- Subject Alternative Name or SAN- The root domain and any other domain names that are linked are included on one certificate.
- Wildcard-A certificate that includes both the root and sub-domains.
- Organization Validation or OV-Basically the same as the Extended Validation in that it verifies both the legal and domain status, but it does not include the green status bar.
There are also different types of encryption that you will run into when looking for certificates. These include: Rivest-Shamir-Adleman (RSA), Digital Signature Algorithm (DSA) and Elliptical Curve Cryptography (ECC). These come in different rates of encryption and the higher the bit rate, the better the security. RSA is faster at validating signatures but slower at creating signatures and DSA is exactly the opposite.
So now that you know some of the differences in certificates, which one is right for you?
Different types of sites need different types of certificates. Here are some basic guidelines:
- WordPress Sites: These sites need Domain Validation
- eCommerce Sites: These sites want to present themselves as being extremely trustworthy so will use Extended Validation certificates.
- Email Servers: Unified Communications
- Multiple Domains that aren’t necessarily sub-domains: This is where the Subject Alternative Name or SAN comes in.
- WordPress Multisite Networks with sub-domains-Wildcard.
- Organizations or Businesses that want to appear trustworthy will use Organization Validation
Here are the top 5 Certificate Authorities:
- Let’s Encrypt– These are free certificates but only DV, SAN, and UC are available. In addition there is no warranty and some devices and browsers have versions that are not compatible. This is not the kind of certificate to fit every need, but it is a viable option for sites that only require domain validation.
- Comodo– Comodo offers high levels of encryption and also a warranty at $250,000-$1,750,000 for certain certificates. They also have a free trial. The SSL Certificate comes with a warranty but the amount varies depending upon the type of certificate. One of the best features is you can upgrade, and you can also place the Comodo logo on your website to inspire visitor trust.
- Symatec– All of Symatec’s certificates come with the Symatec logo for your website. They also offer high dollar warranties and meet some government agency standards. Each certificate also comes with daily malware scans and UC support. They are the most expensive of the authorities but they also come with the most features. If you require compliance with government agencies or have a very high traffic site, this is a very good option.
- Digicert– This Authority offers free certificate re-issues and they are compatible with all major browsers and mobile devices. You do need to sign on for multiple years to get a discount however. The pricing is mid range and they do offer high warranty values.
- GeoTrust– GeoTrust is fairly similar to Digicert in that they offer roughly the same pricing and are compatible on all major browsers and mobile devices. You can also issue up to 24 names per certificate. These certificates are suitable for small to medium sized businesses.
To sum up the basics on choosing a Certificate Authority, here are some things to keep in mind:
-If you have a very basic site or something like a WordPress blog, and also if you are on a budget, then Let’s Encrypt or Comodo should probably be your first stop.
-If you need DSA, ECC or the highest level of encryption then Symantec is your best bet.
-If your site requires scanning for vulnerabilities or malware, then Comodo or Symantec are your best options.
-If a high warranty is a priority then Comodo, GeoTrust, and Symantec are at the top.
-For unlimited licenses Digicert or GeoTrust.
-Digicert, Comodo, and Symantec all offer their logos to place on your site.
-If you are looking for a high warranty for DV, Wildcard or SAN then Digicert is likely to be your best option. You
Considering all these factors and just having some general knowledge about Certificate Authorities should help you make the decision that is best for your business. There are a lot of things to consider, but overall, there is something for every budget and need and it is very important for your website health to address this issue. Once you start looking at all the factors it becomes easy to see that it is easy to find the best fit for you.