Digital Certificates: What Do I Need to Know?
A digital certificate is used to show ownership of a site or domain and allows for a secure connection to be made between the end user and the servers that deliver a site’s content. Read on and learn more.
Join the DZone community and get the full member experience.Join For Free
What is a Certificate?
A digital certificate is used to show ownership of a site or domain and allows for a secure connection to be made between the end user and the servers that deliver a site’s content. Digital certificates can be self-signed or provided by a certificate authority (CA), a third-party that collects a fee for the service. A self-signed certificate adds no extra costs to maintaining your site, but will often require each visit to be explicitly allowed as a security exception by your users. In general, a self-signed certificate should not be used on a commercial site. The best practice for commercial sites is to elect a digital certificate, verified through a trusted certificate authority. Certificate authorities can verify access to certain domain resources, such as a commonly used administrator email address.
Certificate authorities offer two main options for digital certificates: SAN Certificates and Extended Validation Certificates.
Note: For all users, Yottaa is required to: (1) add a client to an existing SAN certificate, or (2) create a dedicated topology for clients that request an extended validation certificate.
A SAN certificate, or “Subject Alternative Name” certificate, allows one SSL certificate to host multiple domain names and subdomains. Typical examples are a mail.site.com, www.site.com, or mobile.site.com. Yottaa uses SAN certificates to provide improved site security features at a lower price point. This is done by spreading the cost of the certificate across multiple clients.
Extended Validation, or EV certificates, are a single domain certificate. These do not allow for wildcard usage or shared certificates within a domain. EV certificates are more expensive and allow a green identification bar to show up on most major browsers. The bar indicates a company has undergone a rigorous verification process.
Which One is Right for My Company?
For most clients an SAN certificate offers the best value and most flexibility. Other clients prefer the exclusivity of having an extended validation certificate, despite the associated costs and limitations. Because each client is unique, there is no one size fits all approach to digital certificates. If you’re having trouble weighing the costs and benefits, please feel free to reach out to our team and we can help guide you through the decision process.
Originally written by Phillip Truax.
Published at DZone with permission of Alex Pinto, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.