Transport Layer Security (TLS) certificates—most commonly known as SSL, or digital certificates—are the foundation of a safe and secure internet. TLS/SSL certificates secure internet connections by encrypting data sent between your browser, the website you’re visiting, and the website server. They ensure that data is transmitted privately and without modifications, loss or theft.
TLS/SSL certificates are the standard by all major web browsers to ensure a safer internet experience for users. Websites secured by TLS/SSL certificates are more trusted by internet users because they encrypt and protect private information transferred to and from their website. They also represent, or certify, your website’s brand identity. In that sense, TLS/SSL certificates are both an identity protection measure for online brands, and a security measure for companies transmitting private data online.
Domain Validated (DV) certificates provide the lowest level of identity authentication, meaning anonymous entities can get a certificate.
Organization Validated (OV) certificates provide additional checks to ensure identity and brand protections.
Extended Validation (EV) certificates guarantee the highest standard of identity and brand protections. With EV, brands signal a commitment to customers that transactions are secure.
EV TLS/SSL certificates protect businesses and brands because they certify that website owners are the authentic owners of their website.
Before you can obtain an EV certificate, users must demonstrate that they have legal rights to represent their business organization, web domain, physical address, and business entity, among 14 other criteria.
OV certificates are secondary to EV because they require similar methods of authentication, including verifying the web domain, and affiliated business organization, such as Inc., Corp, LLC, etc. However, OV certificates only require 9 methods of validation compared to the 14 methods required for EV.
Single domain SSL certificates is precisely what the name suggests — it’s an SSL/TLS certificate that secures only one fully qualified domain name (FQDN) per certificate. It will, however, not cover any other domain name. While generating the certificate signing request (CSR), if you create it with a WWW, almost all certificate authorities (CAs) will give you the non-WWW version free of cost.
Wildcard certificates secure a single domain and up to 250 subdomains. And now, every DigiCert certificate can be bought as a wildcard by adding SANs, so you can easily manage multiple subdomains and save.
Multi-Domain Certificates, also called SAN certificates, offer boundless flexibility and complete control over the Subject Alternative Name field. And now, any DigiCert certificate can be configured to allow multi-domain. These certificates are ideal for securing many names across different domains and subdomains (e.g., Exchange/OCS environments). You also have the option to add, change, and delete any of the SANs on the fly to reflect the evolving needs of your network.