Types of SSL Certificates
Choosing the right certificate for your website's needs
Not all SSL certificates are created equal. Different types of certificates offer different levels of validation, coverage, and trust. Understanding these differences helps you choose the right certificate for your website.
Validation Levels
SSL certificates are categorized by how thoroughly the Certificate Authority (CA) validates the certificate applicant's identity:
Domain Validation (DV) Certificates
The most basic and common type. The CA only verifies that you control the domain name. This is done automatically via email, DNS record, or HTTP file upload.
- Validation time: Minutes to hours
- Cost: Free to low-cost (e.g., Let's Encrypt)
- Best for: Blogs, personal websites, small businesses
- Trust indicator: Padlock icon only
Organization Validation (OV) Certificates
Requires verification of your organization's identity. The CA checks business registration documents and confirms your organization is legitimate.
- Validation time: 1-3 business days
- Cost: Moderate ($50-$200/year)
- Best for: Business websites, company portals
- Trust indicator: Padlock + organization name in certificate details
Extended Validation (EV) Certificates
The highest level of validation. The CA conducts a thorough investigation of your organization's legal, physical, and operational existence.
- Validation time: 1-2 weeks
- Cost: Higher ($150-$500+/year)
- Best for: E-commerce, financial institutions, high-trust sites
- Trust indicator: Organization name may appear in the address bar (browser-dependent)
Coverage Types
SSL certificates also differ in how many domains or subdomains they can secure:
Single Domain Certificate
Secures one specific domain (e.g., example.com). Usually includes the www subdomain automatically (e.g., www.example.com).
Wildcard Certificate
Secures one domain and all its first-level subdomains with a single certificate using a wildcard (*). For example, *.example.com covers:
- blog.example.com
- shop.example.com
- mail.example.com
- Any other first-level subdomain
Note: It won't cover second-level subdomains like api.shop.example.com.
Multi-Domain (SAN) Certificate
Secures multiple different domain names with a single certificate using Subject Alternative Names (SANs). For example, one certificate can cover:
- example.com
- example.net
- example.org
- mysite.com
Ideal for managing multiple domains or brands under one certificate.
Which Certificate Should You Choose?
For personal blogs and small websites:
Use a free DV certificate from Let's Encrypt or your hosting provider.
For business websites:
Consider an OV certificate to show your business is verified.
For e-commerce and financial sites:
Invest in an EV certificate for maximum trust.
For multiple subdomains:
Use a wildcard certificate to cover them all.
For multiple domains:
Get a multi-domain (SAN) certificate to manage everything in one place.
Tip: Use our free SSL certificate checker to see what type of certificate any website is using.