- Which SSL certificate to choose for your site
- SSL certificate - why is it needed
- Main types of SSL certificates
- Choose wisely
Which SSL certificate to choose for your site
About what could be the impact of HTTPS on website promotion, we already talked in a previous article on the topic. I remember then it was concluded that the transition to this protocol is an extremely positive step from the point of view of search engines, but not at all necessary.
But the latest news from Google no longer leaves doubts about this and Configuring HTTPS on sites becomes more relevant than ever. This process itself is not so complicated. Difficulties can only arise at the stage of choosing an SSL certificate for https.
After all, not only how the URL of your website will be displayed in the address bar of the browser (color, “lap” symbol, name etc.) depends on which SSL certificate to choose, which is a factor that increases the confidence of visitors in it, but also some other things.
First of all, this is the financial side: the cost of various types of SSL certificates can range from several dollars to several thousand dollars per year.
And also, if you make a versatile comparison of SSL certificates, it will become clear that some of them are not only expensive, but also require the fulfillment of a number of conditions for their receipt.
To help you choose the right SSL certificate, we suggest a little walk in theory. First, let's figure out what the SSL certificate is for, and then move on to their species.
SSL certificate - why is it needed
Everything is simple here - without it it will not be possible to use HTTPS protocol, the principle of operation of which is based on SSL technologies that allow for the secure exchange of data through the World Wide Web.
SSL certificate is a digital document issued by an authorized certification center (unique digital signature), providing confirmation of the authenticity of the site server and the reliability of data about its owner, as well as the security of the installed channel for exchanging data with the client (user).
For example, the presence of one of the types of SSL certificates with authentication of company data makes it clear that:
- the site that the user has visited really belongs to the organization in question;
- this organization is a real, properly registered and having all the necessary documents to carry out its activities;
- data on it is checked by an authorized digital certification center.
It turns out that the SSL certificate is needed not only to ensure the protection of data transfer, but also to increase the level of trust on the part of site visitors, which certainly positively affects behavioral factors and, as a result, in his positions in searchable issues.
Main types of SSL certificates
To distinguish certain types of SSL certificates, you need to refer to the listing of unifying features:
- By the supported number of domains / subdomains:
a) Standard. Used to protect only one domain name, without the support of subdomains, including www.
b) Group (WildCard). Protect the main registered domain and all its subdomains. Some certificates are classified in this category by default, while others, even if they are the most expensive, may not support subdomains. At this point, special attention must be paid to choose the correct type of SSL certificate.
c) Multi-domain (MDC - Multidomain Certificates). One such certificate can be used to protect multiple separate domains.
- By type of data verification:
a) Self-signed certificates. Yes, the certificate can be generated independently and used to protect the site. But the problem is that when moving to a site with such a certificate, any modern browser will give a message that you can’t trust it.
The reason for this will be the fact that there is no signature of the trusted Certification Center. Therefore, it does not make sense to use certificates personally created by anyone, since most users will leave as soon as they see a warning message about a low level of security.
b) Essential SSL (DV - domain validation). This type of SSL certificates involves checking the ownership of the declared domain by placing the file at the root of the site or adding a small code to its template. Such certificates can be obtained by both individuals and legal entities without the need to indicate any additional data about themselves.
Therefore, they are issued quite quickly - after 5 –15 minutes after confirming ownership. Ideal for personal use by individuals who own websites that are not related to commercial operations. The presence of such a certificate on the site is mainly indicated only by indicating the HTTPS protocol in the address bar (sometimes with the “lure”).
c) Instant (OV - organization validation). To obtain a certificate of this type, it will be necessary, in addition to confirming the ownership of the domain, to provide data and documents to verify that the company really exists and is a legal entity.
The audit also usually involves reconciling the applicant’s domain data with the information specified in Whois. Given the number of checks, the issuance of such certificates usually occurs within a few days.
When using such certificates, a green lock (sometimes yellow with the name of the organization) is displayed in the address bar.
d) EV (Extended validation). Such a certificate is issued as a result of the verification described in the previous paragraph, but already more extended. A verification call to the organization number indicated in open sources is mandatory, and an example of existing documentation (accounts, acts of completed work, etc.) is required.
A site protected using an EV certificate will be displayed in the address bar with a “bridge” and the green name of the organization (in some browsers the whole line is highlighted in green and the signature “Trusted” can be added).
EV certificates are most expensive and are used for those sites that are associated with mass financial transactions (large online stores, bank sites, etc.).
In a separate category, it is worth highlighting the types of SSL certificates supporting IDN (Internationalized Domain Names) that can be used for websites with Cyrillic domains.
If you have a regular information site that, in addition to the email address, does not collect any important data about visitors, any inexpensive certificate and even free will do (such are also, but usually they are issued for up to three months).
In all other cases, in order to correctly select an SSL certificate, you need to take into account the specifics of the data processed by the website, the scope of its activities, the presence of subdomains, etc. Also do not forget about the level of authority of the site in the eyes of its visitors. It is clear that a green line with the name of the company is trusted much more than a banal https with a yellow key.
Well, if you decide on the type of SSL certificate is very difficult, you can use a little trick - analyze competitors and choose the option a little better than most of them, well, or at least not worse.