Think about the last time you bought something online. Maybe you were shopping for a new shirt on Amazon, or booking a vacation through a travel site. Chances are, you used a secure connection to do so. That's because more and more businesses are recognizing the importance of SSL certificates in keeping their customers' data safe. But with so many different types of certificates available, it can be tough to figure out which one is right for your business. In this post, we'll explain the basics of SSL certificates and help you decide which type is best for you.

What is an SSL Certificate, and why is it important to have one?

An SSL (secure sockets layer) certificate is a type of digital certificate that encrypts data sent between two or more parties. It is used to establish an encrypted connection and allow secure communication over the internet. Essentially, it scrambles the data to and from a site to prevent anyone who's "eavesdropping" from reading it. The SSL cert helps an internet browser or web server authenticate a site's identity, lending to your site's trustworthiness and credibility. When you see a website address beginning with “HTTPS” instead of just “HTTP,” that site has an SSL certificate in place (the "s" in "HTTPS" stands for "secure").

Having a SSL certificate is especially important for SEO rankings. Did you know Google ranks all HTTPS or SSL-secured sites higher than non-secure sites? In 2014, Google officially announced it would use SSL certification as a ranking factor in its search algorithm. And as of 2018, Google populates a "Not Secure" warning on all non-HTTPS sites accessed in Chrome. If customers visit your site for the first time and see that warning, they will understandably be hesitant about accessing your site any further—let alone think about buying a product or inputting sensitive information. By investing in an SSL, you demonstrate to your site visitors that you value keeping their data secure. The instantaneous reassurance of the little lock in the address bar is one of the best marketing techniques you could employ.

Types of SSL Certificates

Depending on your website's security needs, there are several different types of SSL certificates available. Here are the most common ones:

  1. Domain Validated (DV) Certificates: A DV Certificate is the most basic type of certificate and checks only that the person requesting the certificate controls the domain listed in the request. These certificates are generally issued very quickly, but their authentication is the weakest of all certs.

Best for: personal sites, blogs, social sites

  1. Organization Validated (OV) Certificates: OV certificates require more paperwork and go through a more rigorous vetting process than DV certificates. They are authenticated at the organization level rather than just the domain and include basic company information with the certificate.

Best for: businesses, organizations

  1. Extended Validation (EV) Certificates: An EV Certificate requires a certain level of due diligence to ensure the legitimacy and accuracy of an organization's identity information. That's why they are also called “high assurance certificates.” The most visible sign that you have an EV certificate is when the browser bar turns green when you visit a website.

Best for: eCommerce sites

This infographic from GoDaddy provides a clear, visual breakdown of the different validation types and how they work.

Types of SSL Certificate Plans

  1. Standard SSL - A standard SSL certificate is designed for single domain websites. It activates the padlock and https, and provides a basic level of encryption.
  2. Multi-Domain or Subject Alternative Names (SAN) SSL - A multi-domain SSL certificate provides a secure connection for multiple domains with one cert. These are great if you manage websites with geo-based domains or different top-level domains (ex. .com, .eu, .shop). Most basic SAN certs cover 5 domains, with the option to cover up to 100 domains for an additional fee. This can be the most cost-effective solution for multiple domains, and you save time by handling one SSL for all your sites.
  3. Wildcard SSL Certificate - A wildcard SSL certificate provides a secure connection for an unlimited number of subdomains on the same domain name. It is perfect for sites with multiple levels of pages, such as ecommerce stores that have different URLs for each product page.

When purchasing an SSL cert, you match the plan you want with the necessary level of validation you need. GoDaddy offers this helpful guide for matching the plan you need with the proper certificate type, along with the typical pricing for each plan.

How do I know which is right for my business?

All SSL certificates offer the same level of encryption, so your choice largely depends on business needs. If you have one website with a single domain name and no subdomains, a standard certificate is ideal. If you manage multiple websites or subdomains, a SAN or Wildcard certificate is the best option for saving time and money. For high-end ecommerce sites, an EV Certificate is the best choice for demonstrating your commitment to security.

No matter which type of SSL certificate you choose, make sure that it is issued by a trusted authority like Symantec or Comodo. This will ensure that customers have peace of mind when accessing your website. Check out Forbes' list of the best SSL certificate service providers of 2022.

You might think as a small business that no one would bother hacking your site, but think again—small businesses are three times more likely to be targeted in a cyberattack than large companies. And without the resources of these large companies, you have much more to lose as a small business. Sixty percent of all small businesses that fall victim to cyber criminals go out of business within six months of the attack. This is why it’s so important to invest in an SSL sooner rather than later.

When choosing an SSL certificate plan, make sure to read the terms and conditions carefully. Some certificates offer additional features that may be beneficial to your business. Finally, keep in mind that SSL certificates do expire, so you will need to renew them periodically. Taking these steps will help ensure that your website is secure, and customers have the confidence they need when accessing it.

Illustration showing hackers breaking into a computer and accessing its secure data.

Redirecting from HTTP to HTTPS

Once you’ve purchased and installed your SSL certificate, it’s time to redirect your website from HTTP to HTTPS. This process is simple but important as it helps ensure that customers are connected securely when accessing your site.

You can do this manually by altering the code on your website or automatically with a plugin like Really Simple SSL. If you’re using a CMS like WordPress, there is usually an easy-to-follow guide for redirecting your site from HTTP to HTTPS.

Next, you'll want to make sure you notify Google of your new protocol, as it considers the HTTP and HTTPS versions as two different sites. You can do this by logging into your Google Search Console account and verifying your HTTPS version. Be sure to use the same email account associated with your Google Analytics account, so Google can confirm your ownership of the domain. Your redirect will be ready to go even if the transfer process takes a few days. This article from Semrush provides in-depth instructions on redirecting to HTTPS, no matter your setup.

Finally, make sure to update any internal links or marketing materials that point to the old HTTP version of the website with the new HTTPS version. This will help ensure that customers can find your website and that they are connected securely when they do.

The Bottom Line

SSL certificates are an essential part of website security. They encrypt data and protect customers from cyber criminals who could use the information against them. Different types of SSL certificates offer various levels of protection for your business, with varying costs associated with each one. Make sure to do your research and select the plan that best meets your needs. Investing in the right SSL certificate will help build customer trust, increase website security, and help you outrank your competition on Google. So what are you waiting for?

Published on: December 13, 2022 by Jason Killingworth, Director of Hosting Technologies