SSL Certificates provide a secure connection between a you and your browser and the website (server) you are visiting with all data/messages encrypted with PKI (Public Key Encryption). Once you have a valid SSL certificate this will enable you to show a padlock in your browser to indicate the connection to the site is secure.
There are many product offerings all at very different prices where the pricing changes on type of certificate and between providers, the main difference in the cost of an SSL Certificate is the amount of verification performed by the CA (Certificate Authority) that issue the certificate there are 3 main types Domain, Organization and Extended Validation. Identity verification can assure the visitors of a site that it can be trusted to do business with, by understanding the differnances in the various levels of verification this will help you select the most appropriate certificate to secure your site.
The 3 main types of certificate validation:
- DV - Domain Validated (required by all certificate types).
- OV - Organization Validated.
- EV - Extended Validation.
There is another certificate type called "Self Signed" as this certificate is generated and signed by the same organization and not a trusted 3rd party CA, these types of certificates are genreally only used on internal private systems within the same organization and should not be truested on any public/commerse site.
Self Signed SSL Certificates
A “self-signed” SSL Certificate is a certificate you generate and sign yourself for free. As there is no identity verification browsers will display a security warning that the site is not to be trused. The warning may prevent users from directly navigating to your site without making an exception. As they are free and quick to create the certificates they are genreally used on internal private systems that are not public facing.
Domain Validated (DV)
These are the quickest type of validated certificate to get issued with the lowest cost, as the domain validation is offten an automated process using a challenge-response system. As this does not require organization validation, it also has the lowest trust and smaller warrenties.
Organization Validation (OV)
OV certificates require full business/company validation from a CA (certificate authority) using established and accepted manual vetting processes. As this type of validation required a human to perform part of the validation process OV certificates provide much higher levels of trust and security than DV certificates but are not validated to the standards set by the CA/B forum and do not possess the ability to turn the address bar green in all of the latest browsers.
Extended Validation (EV)
EV certificates have the higest level of validation and confirm to the guidelines set by the CA/B Forum – a standards body that requires in-depth verification of the legality and probity of a company before it is issued with an EV certificate. Because of this, EV certificates provide the highest levels of security and can show the company name within the green bar in your browser.