There are several types of SSL Certificates. This article quickly explains the differences between the various types you may want to use to secure a website.
All SSL certificates do one basic job. They allow you to use the HTTPS protocol on your website to encrypt traffic between your web hosting and your client's browser.
It all sounds simple enough doesn't it? Honestly it is... despite there being an enormous number of different SSL certificate configurations available from multiple vendors.
The differences that affect which certificate you will choose to secure boils down to 3 differences:
The level of validation your certificate provides.
The number of domains that you wish to secure.
The reputation and install support offered by your certificate provider.
1. Level of Validation
One of the jobs that your SSL certificate does for you is to reassure your customers that you are who you say you are and that you are a legitimate organisation. Not a small concern in a world of phishing and ecommerce scams. The cost of your certificate is directly related to how much work the certificate issuer has to do to verify who you are. There are 3 major levels of validation:
Domain Validated: Your organisation is validated by validating the details of the domain owner. i.e. that the owner of the certificate is the owner of the domain. A single domain name validated certificate can be usually issued quickly and is the lowest cost to you. It also has the lowest credibility of all the certificate types.
Organisation Validated (OV): Same as domain validated but with additional online processes that validate your organisation's identity. Single name OV certificates can take a few hours to a few days to be issued. However they offer a good balance between cost and credibility.
Extended Validation (EV): Same as an OV however there are additional real world validation processes to confirm that you are who you say you are. Single Name EV certificates can take several days to be issued due to the necessity of real world communications. They are more expensive and give your customers full satisfaction that you a current operational organisation.
You should match up your need for credibility and security based on your real world credentials. The nature of your online presence and what you do will help determine the importance placed on validation. A online fishing shop selling lure might be happy to go with a domain validated certificate however an online financial consultant might get more value out of the reputation offered by an EV certificate.
2. Number of Domains
All the certificates discussed so far are only able to provide SSL security for a sinlge domain name. However another aspect for consideration is whether you need to secure a number of domains or a number of sub domains.
For example: if you have a number of sub domains under the one primary domain such as mail.hosting-australia.com or cpanel.hosting-australia.com as well as the primary domain of hosting-australia.com you will need to register a 'wildcard' certificate that will support the primary domain hosting-australia.com as well as any domains in the form *.hosting-australia.com.
If you wish to secure multiple different primary domain names on one server using a single certificate then you will a 'multidomain' certificate.
3. Reputation and support
Finally, your certificate provider is part of your consideration whn choosing the right type of SSL certificate. There are many highly reputable providers out there Comodo, GeoTrust, Thawte and RapidSSL to name just a few. The price of your certificate may vary significantly between providers often for very little difference in the end product. Your choice will come down to your acceptance that your certificate provider offers you a good reputation and level of confidence that will translate to your customer's perception. Additionally it will be important to you what level of support your provider offers in terms of installation, speed of issuance and any tools required to assist with renewals.
Most hosting companies offer a large array of SSL products so talk to them first about what you might need in respect to your business. Often purchasing an SSL form your hosting company will also include installation and testing of your certificate as well.
In short: Choose the level of validation based on your budget and desired level of reputation and then decide if you need a single name, wildcard or multidomain certificates. Use you hosting company to support your install and purchase it from a reputable certificate issuing company.