Servertastic

UK £ US $ Euro

Which SSL Certificate is Right for your Business?

HTTPS has become necessary to ensure a website’s success. If you are looking to make the switch yourself, then you should consider what type of SSL certificate is right for your website.

SSL certificates come in different varieties, each designed to suit the needs of certain businesses. You need to understand what sort of features your website needs to get the best results.

When deciding on which certificate to buy, you should consider the following:

  1. What information do you gather from your users? Are your users required to create a password to access an account? How much personal information are they giving you? Are they giving you credit card or bank details? The more information you gather the more vital it is to secure your website.
  2. How important is your user’s trust? Your reputation could be key to how much business you acquire. Potential customers will turn away from your business if they do not feel safe using your website.
  3. What number of domains need securing? Does your business have just one domain, or does it span multiple. Do you have subdomains branching off your main domain? (For example, mywebsite.com may have a subdomain of blog.mywebsite.com)

Once you have considered these questions, you can find out which type of certificate would suit your needs.

Domain Validation

SSL Certificates which are Domain Validated offer the basic encryption necessary to secure your website with HTTPS, and can be issued in a matter of minutes. They are also the most affordable.

However, these certificates do not confirm the identity of the business to your users. They are unsuitable for e-commerce or any website that gathers personal information from its users. DV certificates are best if your website does not gather personal details and you just need to get the encryption to switch over to HTTPS quickly.

Organisation Validation

If you need to increase the trust your users have in your business, then consider Organisation Validation. OV certificates place information about your business in the certificate details. This signifies that your website is legitimate, and not a spoof for a scam.

Organisation Validation should be considered a minimum requirement for any e-commerce website. They are also good for public facing websites that deal with less sensitive data from the users.

To obtain these you need to undergo a vetting process to prove that your are the real domain owner.

Extended Validation

These SSL certificates give your website the Green Address Bar, where the name of your business appears in green text in the URL bar next to your address. This proves to your users that you are the owner of the website and that your business is legitimate in a visible fashion. EV certificates also come with larger warranties, which provide another layer of protection should the worst happen.

Extended Validation certificates are more expensive. They also require you to undergo vetting before they can be issued.

E-commerce sites, and other business that rely on their online presence, should consider Extended Validation.  Businesses that take user’s card details or identifiable information should also consider Extended Validation.

Wildcard

If your website has subdomains that need securing, then use a Wildcard certificate. Using a Wildcard certificate to secure your subdomains is cheaper and easier to manage than purchasing a certificate for each domain.

Wildcard certificates cannot be offered with Extended Validation however, meaning you cannot get the Green Address Bar. They can still be offered with Organisation Validation.

Multi Domain

A single Multi Domain certificates allows a single certificate to cover multiple domains. Use these if you have various domain extensions for your website and you want to cover all of them in one certificate.

We provide a chart comparing a wide range of certificates from the most popular brands if you want to find out more.

Consider your options carefully, as selecting the right certificate for your website can save your business headaches and even money down the line.

Tips for Switching to HTTPS

Photo by Glenn Carstens-Peters on Unsplash

HTTPS is quickly becoming a minimum requirement for having a successful business online. Google Chrome and other browsers have begun flagging websites that have not made the transition. Therefore it is better to make the switch over sooner rather than later. To avoid getting a headache or damaging your business’s presence online it is important that your HTTPS certificate is installed properly.

There are many issues that can arise during the transition. We are to offer you some advice to keep in mind when making the switch to HTTPS.

Get the Right Certificate

Selecting the right SSL certificate for your website is the first step. If you need to ensure your user’s trust then you should go for a certificate which validates your organisation’s identity. These include Organisation or Extended Validation certificates.

If your website spans multiple domains or any number of subdomains then you may require a Multi Domain or a Wildcard certificate respectively. Using a Wildcard certificate is cheaper and easier to manage than buying a separate certificate for each subdomain.

Use a Test Server

Making your changes on a test server first can prevent issues from damaging your live website. When you are confident that the changes have been successful on the test server, you can then go ahead and apply them to the live site in the knowledge that everything has been checked beforehand.

Check your Third Party Add-Ons

Make sure that any third party services your website uses can be run over HTTPS. This can include features such as analytics or advertising. If they cannot, then this will result in “mixed content” issues, where some of your pages will not run over a secure connection. Users may become uncertain about your website if parts of it are still using HTTP. Mixed content can also render the protection provided by encryption useless.

Once you have switched to HTTPS make sure to update any plugins or modules your website uses.

Revise Internal Links

Just like with your add-ons, failure to inspect internal links can lead to mixed content issues. You should check your internal links and links to website assets to ensure they lead to proper HTTPS versions. Assets can includes images, video and audio media, web fonts, CSS, and Open Graph tags.

Checking your internal links can also help catch out links which have been broken by the transition.

Redirect

When you make the switch to HTTPS you should make sure that your users are properly redirected to the correct webpages. Without proper redirection your users might end up still visiting your website over HTTP. Search engines like Google see the switch to HTTPS as a website move, similar to changing domain names. Therefore you should redirect all of you webpages to their HTTPS versions and update your Google Webmaster tools. Make sure to update any existing redirects.

If you send out any adverts with links to your website, such as paid search ads or email marketing campaigns, then you should update them to include links to the HTTPS versions of your webpages.

Update Sitemap

Once you have switched to HTTPS you should update your sitemap with the correct HTTPS URL addresses and submit it to Google. Sitemaps make it easier for Google to crawl your website.

Check Robots.txt

To make sure that search engines like Google can still crawl and index your pages after making the switch you should check your robots.txt. You need to make sure that you have not restricted any of your HTTPS pages, otherwise potential users will not be able to find them through organic searches.

It is a good idea to re-crawl your website to check what pages can be indexed. Pages that return a 200 status code can be indexed.

Hopefully your switch to HTTPS can be free of hassle. Thorough inspections of your website and careful monitoring are key to ensuring a smooth transition.

Comodo CA Rebrands as Sectigo

From the first of November Comodo CA will officially be rebranding as Sectigo. The goal of these changes is to emphasise their expansion beyond simply offering SSL certificates into a full blown web security services. They are also intended to distinguish them from Comodo cyber security and reduce market confusion. These changes come with a brand new website and imagery.

Many of their products will also be changing their names in line this rebranding. For example, ComodoSSL will become SectigoSSL. There will also be a new trust seal featuring the Sectigo logo.

Sectigo trust seal

The good news for customers is that nothing about their service will change for the worse. Any certificates bought under Comodo CA will still be valid and will not require any changes. Their prices will not be affected by the rebranding, and you will still receive the same level of support as you were before. Here at Servertastic, the cost of Sectigo certificates will not be changing from the Comodo CA versions.

All account manager phone numbers will remain the same, though customers should be on the lookout for notifications of their new email addresses.

With this rebranding, Sectigo are looking to build upon their past successes and grow their company even further.

New logos for PositiveSSL and EnterpriseSSL

You can find out more information on the Sectigo rebranding on their new website.

You can find our range of Sectigo SSL certificates in our new Sectigo section.

How Do Wildcard SSL Certificates Work?

Secure multiple subdomains with a wildcard certificate.

Photo by Jon Moore on Unsplash

A wildcard SSL certificate differs from other types of certificates because they allow you to secure an unlimited number of subdomains along with your primary domain. This saves you the time and money of having to purchase and manage separate SSL certificates for each subdomain.

These certificates are issued to domains with the wildcard character, represented by an asterisk (*), in their hostname. This character is used to represent an unlimited number of subdomains.

For example, if we wanted to buy a certificate for mywebsite.com, we would have it issued to *.servertastic.com when generating the CSR code. Any subdomains that share the same primary name of “.servertastic.com” would be covered by the certificate. This could include...

  • forums.mywebsite.com
  • support.mywebsite.com
  • blog.mywebsite.com

And we could add as many subdomains to this list as we want, so long as they share the .servertastic.com on the end. Wildcard SSL certificates can only cover first level subdomains. So login.support.mywebsite.com cannot be secured by the wildcard certificate.

Wildcard certificates can be issued as domain validated (DV) certificates, which means they can be issued in a matter of minutes and only require you to prove that you own the domain. You can also choose to get an organisation validated (OV) certificate, where the details of your company will appear in the certificate details. This requires you to go through a vetting process to prove your website is legitimate.

They cannot be issued at extended validation (EV) certificates however. This means you cannot get your company's name in green text in the URL bar.

You can learn more by viewing our range of wildcard certificates.

Servertastic Limited is registered in England and Wales.
Registered Company Number: 04982077
VAT Number: GB125485804

Hosted by LayerShift

Mastercard Maestro Visa American Express
Diners Club JCB Discover Paypal
Sectigo Trust Seal
Reviews
Cyber Essentials