A Certificate Authority, or CA for short is a third-party organization that is trusted by the CA membership programs of different electronic devices, operating systems, and browsers. A CA must adhere to the criteria of each membership program to become a trusted authority.
What is Certificate Authority?
After a CA signs and issues a certificate, that certificate can be used for establishing communication, or other tasks. If a certificate is issued for SSL, that certificate cannot be used for Secure Email. CA also verifies the owner of the certificate and checks if the certificate and revocation status is valid.
How Many Types of SSL Validation?
- Before going into details, we need to know what “Validation Level” is? Validation level refers to the extent of checks that a Certificate Authority does to verify the identity of a person or organization that owns a website
- The type of validation you decide to go for will be dependent on the size and scope of your website, as well as the kind of data you will be requesting from your users and/or customers. The three main types of SSL validation are:
1) Domain Validated Certificates (DV SSL)
2) Organization Validated Certificates (OV SSL)
3) Extended Validated Certificates (EV SSL)
Let’s take a look at how each type is validated, how you can recognize it in your web browser, and each of its pros and cons
DV SSL | OV SSL | EV SSL | |
Validation level | Lowest | Medium | Highest |
Trust level | Lowest | Medium | Highest |
Issue time | In minutes | 1 – 2 business days | 1 – 5 business days |
Vetting procedure | Email, or sometimes file-based authentication and the entire process is automated | Provided and authenticated by two parties that are: Client side signs off as witness to the requesting entity and the CA or Certificate Authority’s legal team verifies the accuracy and veracity of the claim (approval) | Provided and authenticated by two parties that are: Client side signs off as witness to the requesting entity and the CA or Certificate Authority’s legal team verifies the accuracy and veracity of the claim (approval) |
Detail level of information | Display little info about website ownership | Display more info about that company that owns the domain | Display full info about that company that owns the domain |
Features | HTTPs and Padlock symbol | HTTPs and Padlock symbol | HTTPs and Padlock symbol |
Entity | Personal sites (blog, portfolio sites) | Small and medium businesses, enterprises (E-commerce sites | Medium and large businesses, enterprises (Banking, trading sites) |
Besides that, there are also Self-signed certificates. A self-signed certificate is a digital certificate not signed by any publicly trusted Certificate Authority (CA). Self-signed certificates include SSL/TLS certificates, code signing certificates, and S/MIME certificates. Self-Signed certificates are created, issued, and signed by the organization responsible for the website or the signed software
How Do I Get an SSL Certificate?
- Use ICANN Lookup to validate the information on your website.
- The Certificate Signing Request should be created (CSR).
- To verify your domain, send your CSR to the Certificate authority.
- The certificate should be installed on your website.
How Many Types of SSL Certificates?
1. Single Domain SSL Certificate
- Aka Standard SSL Certificate will protect one domain name only. For example, if you buy an SSL Certificate with the hostname in the common name field as www.example.com site, it will not protect the subdomains of your main domain. This rule applies to all types of SSL validation. When you list your hostname in the common name field as “example.com” the certificate will protect your www.example.com.
- If you want to secure ONE website with SSL Certificate then the Single Domain SSL or Standard SSL Certificates are the best options for your online business security needs. Standard SSL Certificates are the cheapest price compared to other SSL Certificates types.
2. Wildcard SSL certificates
Wildcard SSL certificate works the same as a Single-Domain SSL certificate, that is applied to a domain and all its subdomains. For example, if you have an SSL certificate for “example.com”, any subdomains you add, such as “mail.example.com” or “login.example.com” will automatically be secured. Even if you don’t have any subdomains currently, if you plan on adding any in the future, a wildcard SSL cert will save you money and hassle as you won’t need to keep on buying individual SSL certs every time you do so. Wildcard SSL certificates can be issued with DV and OV levels of validation, but not EV.
3. Multi-domain SSL certificates
With a multi-domain SSL certificate, up to 100 different domains are protected. Wildcard domains can also be protected with a multi-domain SSL cert. This kind of SSL cert is ideal for organizations running multiple websites, as they only have to deal with a unified cert for all of them, rather than keeping track of individual certs for each one. Getting this kind of cert will also save money in the long run.