What is SSL?
How Can You Reach The Information that an SSL certificate contains?
You can check the SSL Certificate information by clicking on the padlock before the URL of the website in the address bar. It also contains information regarding the identity of the
website. Following are the essential contents of the SSL Certificate:
- ‘Domain name’ for which the certificate was issued
- The organization, person, or device to which it was issued
- Name of the Certificate Authority issuing it
- Digital signature of the issuing CA
- The subdomains associated with it
- Date of issuing of the certificate
- Date of expiry of the certificate
The web browser communicates with the web server and uses this data file to verify the and the status of the SSL Certificate.
How do SSL Certificates Work to Protect User Data and Privacy?
After an SSL Certificate is installed on your web server, it is provided with a distinguished digital identification number in the form of a public and a private security key used for the server’s authentication. These keys are nothing but a long string of arbitrarily generated
numbers. It also enables the server to encrypt and decrypt the sensitive
information exchanged between the user and server.
- When a visitor accesses your website, the user web browser tries to verify the validity of the SSL
- Certificate of your website as well as authentication of your server through a process known as Handshake.
- The web server then sends a copy of its SSL Certificate along with the server’s public key.
- The browser checks the SSL Certificate root against a list of trusted CAs, its date of expiry, and
- its authenticity.
- Once the browser is assured that the SSL Certificate is valid and that your server is authenticated,
- it indicates this to the webserver.
- Henceforth, a digitally signed acknowledgment is sent back to the browser to establish a safe encrypted path for information transfer between the web server and the user.
- If the browser finds out that your SSL Certificate is not valid, an error message “Your connection
- is not private” is displayed to the user, and this causes your visitor to leave your website immediately.
According to your security requirements and budgets, you can buy SSL certificates from various choices available with many reputed Certificate Authorities (CAs) on the Internet. So, even if you have
a small budget, it is crucial to secure your website with a valid, cheap SSL Certificate to win user trust
and protect your brand’s reputation. Let us thus try to decipher the different types of SSL Certificates available.
Types of SSL certificates
The Certificate Authority(CA) issues various SSL Certificates depending upon the different validation level requirements. As such, the SSL Certificates can be classified based on these different validation level procedures as follows:
Domain Validation (DV) SSL Certificate
Organization Validation (OV) SSL Certificate
The CA issues OV SSL Certificate only after carrying out domain verification and verifying the authenticity of the owner company. The OV SSL Certificate displays the company’s identity information and can be seen by accessing the information on the certificate.
Details of the company are present in the ‘Subject Tab’ as shown in the example below,
Medium-sized organizations more popularly use OV SSL Certificate, and its issuance time is more than DV SSL Certificate. As more time is taken by the process of verification of the certificate owner company, it is more expensive than DV SSL Certificate.
Extended Validation (EV) SSL Certificate
The EV SSL Certificate is associated with the highest degree of trust and reputation. The EV SSL Certificate is issued to the organization only after following vigorous. Very strict and thorough background verification is part of the validation procedure followed for issuing, such as its address, current operational status, legal status, etc. Hence, this SSL Certificate takes the longest time to be issued and is much costlier than DV and OV SSL Certificates. The company’s name is displayed in the address bar and hence can be verified. The visual symbols of trust, site seals displayed on the website add to the user’s trust. EV SSL Certificates find widespread use in banks, big financial institutions, e-commerce websites, etc.
Different Number Of Domains/Subdomains
Another factor that becomes the deciding factor for securing your website with different types of SSL Certificate is the number of domains and subdomains that need to be secured, and they are as follows:
A single domain SSL Certificate secures one domain or subdomain for your website. It is valid for both the www and non-www variations of the domain.
For securing multiple domains and subdomains, buying a cost-effective Wildcard SSL Certificate or Multiple-Domain Certificate gives a better return on investment and better time management, instead of using a single-domain certificate for every multiple domain and subdomains.
A Wildcard SSL Certificate safeguards the main root domain and all the subdomains one
step below the root domain with just a single certificate. Wildcard Certificates use a common name of the format *.example.com, so it will secure the multiple subdomains as shown above in the image like dev.example.com, mail.example.com, etc., with a single certificate. If budget is a concern, it is recommended to buy and install a wildcard SSL certificate that will afford the same encryption levels as the more expensive ones.
Multi-domain/SAN SSL Certificate
A Multi-domain or SAN(Subject Alternative Name) SSL Certificate secures multiple domains/ subdomains with just a single certificate. You can add and modify the Subject Alternative Name field and protects multiple names in between various domains and subdomains with great ease. For example, with just a single Multiple-domain(SAN) SSL Certificate, you can secure all of the following domains as seen in the image: https://www.linuxhintbd.xyz , www.example.com , etc.
Unified Communications Certificate (UCC)
Unified Communications Certificates (UCC) are nothing but Multi-Domain SSL certificates that were earlier designed to secure Microsoft Exchange and Live Communications servers. Now, it is used to secure any multiple domain names with just a single certificate. UCC Certificates have organization validation and can also be used as EV SSL certificates offering the highest degree of trust and security to its users.