If you know a little bit about website security, you probably know about HTTPS and the use of SSL certificates to make a website more secure. But did you know that not all SSL certificates are created equal? In fact, there are several kinds of SSL certificates.
The easiest way to think about this is that there’s no central place issuing SSL certificates. Instead, these are sold by trusted vendors, and a few big names tend to account for the majority of SSL certificates you’re likely to encounter.
After purchasing the certificate, the website owner needs to verify the certificate with the Certificate Authority it was purchased from through a Certificate Signing Request (CSR); this proves that you do manage the site you claim to be managing. Different certificates have different levels of validation, which makes some more secure than others.
At CanSpace Solutions, Canada’s leading web hosting provider, all our shared hosting services come with SSL certificates. Our basic hosting packages come with Let’s Encrypt, while the mid-level and professional plans use Comodo, a more trusted certificate.
All the certificates we offer include the basics, such as:
- HTTPS connections
- Validation of the registered domain
- 2,048-bit RSA Signature Key
- Up to 256-bit Encryption strength
- Resolution of the “Not Secure” browser warning
Let’s Encrypt is a nonprofit service created by the Internet Security Research Group to promote web security by bringing down the cost of SSL certificates. Because Let’s Encrypt is so straightforward, it’s actually easier to implement than some other certificates.
As a Domain Validated certificate, it provides exactly the same data encryption as other SSL certificates, but does not provide assurance about the identity of the business behind the website.
With Let’s Encrypt, the Certificate Authority (CA) simply verifies that the organization has control over the concerned domain. This verification is usually done via email. To verify that he or she has control of a particular domain, the owner can make changes to a DNS record or upload a file supplied by the CA to the domain.
Let’s Encrypt is not quite as widely supported as its competitors. For example, there are some known issues with certain platforms, like Blackberry, though these are unlikely to be major sources of traffic to your site.
Let’s Encrypt has a robust online community because of its popularity, but because it’s a nonprofit, users usually have to rely on online information rather than any kind of dedicated customer support.
Our higher level plans come with Comodo, which is a full-featured, traditional SSL certificate. In addition to being generally better regarded than other options, Comodo also has some extra flexibility that those with more robust websites might appreciate.
With Comodo, in addition to the steps taken with Let’s Encrypt, the Certificate Authority briefly investigates the organization making the application to ensure it’s a real company.
The CA validates not only the ownership of the domain but also organization information included in the certificate like name, city, and country.
Implementation across subdomains — For sites with multiple subdomains, you would typically need a separate SSL certificate for each subdomain. However with CanSpace, all of your subdomains are covered automatically.
Customer support — Because, unlike Let’s Encrypt, Comodo is a commercial entity, it has the funds to invest in things like around the clock customer support. So, if you ever have any issues with your certificate, you’ll have someone you can reach out to (other than us, of course).
If you’re in need of more options, we offer other SSL certificates such as Organization Validated. However, for all but the most niche of uses, the above two options should be the most straightforward. Visit our SSL and HTTPS knowledge base page to find out more, and feel free to contact us with any questions!