SSL/TLS certificates are an essential security detail of any trusted website and a crucial business requirement for eCommerce websites that expect to generate revenue via a trusted website platform.
What Are SSL Certificates For?
The basic function of an SSL certificate is to provide secured communications between the web server and the website user. The SSL certificate gives you the padlock at the top of the browser. It guarantees that the data being served is the data intended by the provider.
However, if you look closer, you will see that there is more to SSL certificates than their surface-level function.
Paid SSL Certificates
A paid SSL certificate requires the Certificate Authority (CA) to validate the website and company details prior to issuing the certificate. This gives the consumer the utmost confidence that the website is legitimate and safe to use.
Free SSL Certificates
There are many scenarios where a free SSL certificate is perfectly adequate for a website because it ensures your site will be encrypted! Free SSL certs are great for personal blogs such as WordPress sites or internal intranet pages.
Free certificates are Domain Validated (DV) and can be created by anyone who has admin access to the domain name. This does create an element of trust; however, it’s easy to circumvent these protections, making it possible for unscrupulous entities to create a secure connection to an untrustworthy site.
Site Validation
A paid SSL certificate from a trusted certificate authority, such as RapidSSL, guarantees the users that they are visiting a secured, encrypted, and genuine website. It also guarantees that the website owner and website have been vetted and tested. This creates a level of trust between the consumer and the website that is vital for all revenue-generating websites or sites that exchange personal information to be validated.
There are three types of validation available for paid certificates:
- Organization Validation (OV) – an OV certificate verifies the identity of the organization. This might be a business, non-profit, NGO, or government organization.
- Individual Validation (IV) – this validates an individual’s website or someone that is not registered as a business.
- Extended Validation (EV) – an EV validates the identity of the organization at a deeper layer, representing a higher level of trust as more rigorous checks are required by the CA.
Benefits of a PAID SSL
While an OV or EV certificate validates the owner of a website, the sender of an email, the digital signatory of executable code, or that PDF documents are trustworthy, there are other important reasons why you should opt for a paid SSL.
Paid certificates have a longer certificate lifetime. Free certs typically last from 90 days, but usually, no longer than 1 year before they must be renewed. Paid certificates typically last for a minimum of 3 years, however, they can last for much longer, and it depends on what policy the certificate authority follows.
Your system admins will thank you for longer certificate lifetimes, as renewing an SSL is not the simplest of tasks to complete. Other perks of a paid SSL include a warranty that protects you financially in the event the certificate caused website errors resulting in the loss of revenue. Regardless of the implications of this warranty, you can rest easy, as SSL certificates are incredibly reliable and it’s almost never the certificate causing issues.
Secure and Trustworthy for Absolute Customer Confidence
SSL certificates are the number one security detail to promote trust in a website. A certificate encrypts website communications and guarantees site authenticity. The Chrome web
browser confirms that a site has a valid security certificate by displaying a padlock, while Safari shows a security shield. Without a SSL certificate, some browsers will outright
block your site. SSLs are a key component in web security.
What Kind of SSL Certificate Do I Need?
What Kind of SSL Certificate Do I Need?- Each SSL has a different use case scenario. Some are free and some are subscription-based. Some can even be created by the user, but most need to be purchased from a Certificate Authority (CA).
- An unregistered Private Trust Certificate is the most basic available. It’s a free self-signed cert created by the user. This is only recommended for internal company sites or personal blogs.
- Basic trust is a domain-validated certificate that creates a private security session for the user. These are usually free of charge, and you can use applications like Let’s Encrypt to create rolling 90-day certificates. These are only recommended for sites not bound by regulations like PCI compliance or HIPAA compliance
- Enhanced trust is available at an organizational or individual level using validated certificates that also create a private security session for the user. Business information is hard-coded into the enhanced certificate. Most business sites will start with this type and grow from here depending on compliance requirements.
- Complete trust is an Extended Validation certificate that creates a private secure session with the user and typically displays the business details, usually in a green color next to the padlock. These types of certificates are usually used by companies that are under compliance requirements like HIPAA, PCI-DSS, HITECH, etc.
- There are three types of Registered Certificates:
Domain Validated Certificate (DV)
- (Basic)
Organizational / Individual Certificate (OV)
- (Enhanced)
Extended Validation Certificate (EV)
- (Complete)
SSL/TLS Options
A VISUAL GUIDE TO CHOOSING THE RIGHT SSL/TLS FOR YOUR ORGANIZATION
SSL Certificate Pricing, Specification, and Warranty
| Name | Geo Trust Quick SSL Premium | Geo Trust True Business ID | Geo Trust True Business ID EV |
|---|---|---|---|
| Validation Type | Domain Validated | Organization Validated | Extended Validation |
| Wildcard | No | No | No |
| SAN Support | Supports 1 SAN package that includes 4 sub-domains ($40/year). |
SANs are $40/year each. Supports up to 100 domains. Minimum order is 4 SANs. |
SANs are $50/year each. Supports up to 100 domains. Minimum order is 4 SANs. |
| Price | $149/year | $199/year | $299/year |
| Issuance | 1-2 days | 1-14 days | 1-4 weeks |
| Re-issues | Unlimited | Unlimited | Unlimited |
| Warranty by CA | $500,000 | $1,250,000 | $1,500,000 |
| Business Validated | No | Yes | Yes |
| Security and Encryption | 256-bit encryption signed with a 2048-bit root |
256-bit encryption signed with a 2048-bit root |
256-bit encryption signed with a 2048-bit root |
| Available Periods | 1 Year | 1 Year | 1 Year |
| Name | Geo Trust True Business ID Wildcard | RapidSSL Basic | RapidSSL Wildcard |
| Validation Type | Organization Validated | Domain Validated | Domain Validated |
| Wildcard | Yes | No | Yes |
| SAN Support | No | No | No |
| Price | $599/year | $59/year | $249/year |
| Issuance | 1-7 days | 1-2 days | 1-2 days |
| Re-issues | Unlimited | Unlimited | Unlimited |
| Warranty by CA | $1,250,000 | $10,000 | $10,000 |
| Business Validated | Yes | No | No |
| Security and Encryption | 256-bit encryption signed with 256-bit encryption 256-bit encryption a 2048-bit root | 256-bit encryption | 256-bit encryption |
| Available Periods | 1 Year | 1 Year | 1 Year |
SSL installation is $100 for each SSL certificate
You also get 24/7 support from the CA, especially useful if you have a certificate expiring in the next few hours. The CA support team will be available to generate you a new certificate in next to no time. To request an SSL with Atlantic.Net, please call 1-888-618-DATA (3282) or email [email protected].
Atlantic.Net SSL Resources
Atlantic.Net offers VPS hosting as well as managed hosting services which include a layer of business-essential managed services to your hosting packages. Contact us today for more information.
Learn more about SSL by visiting the following resources:
SSL, VPN, and Compliance: Frequently Asked Questions
Why All Small Business Owners Need to Install SSL Certificates Immediately
Install LAMP Server with Let’s Encrypt Free SSL on Ubuntu 18.04
How to Generate a Certificate Signing Request (CSR) for an SSL
