There are two way to classify the SSL certificate — by functionality and by validation procedure.

Types of SSL certificates by functionality

  • Standard certificates. These certificates are issued for one domain name only and do not possess any special features.
  • Mobile certificates. Mobile devices — smartphones, tablets, etc. — often cannot use the full-scale encryption techniques. Mobile certificates use only those techniques that are definitely supported by the mobile devices.
  • SGC-certificates. SGC  means Server Gated Cryptography. These certificates force 128-bit encryption even on devices that do not support it by default. They are often used for online stores, banks and other resources where protection of the data transfer is more important than the website’s performance.
  • Wildcard certificates. These certificates allows to cover both the website and all of its subdomains by one certificate. They are more expensive, but worth it if you have a lot of subdomains. The name is derived from the wildcard symbol (*), which is placed before the domain name in the certificate.
  • Multi-Domain certificates. These certificates are much more expensive than the standard ones, but they are worth it on the Microsoft Exchange projects and other projects with a large amount of domains.

There are also mixed types of certificates — for example, a wildcard SGC-certificate.

Types of SSL certificates by verification procedure

In order to get any kind of SSL certificate, you also need to create a private key and a CSR request.

  • Certificates with a domain validation. Can be issued to any domain that does not contain hints on bank or any other financial activity. Can be issued in 10-30 minutes. All that is required from the user is to click the email link, which will be sent to the website administrator’s email address.
  • Certificates with an organization validation. Are required on the domains that are connected to any sort of financial activity on the internet. The validation process can take up to 10 days and includes a phone call to the domain administrator and the organization check through the government and private databases.
  • Certificates with an extended validation. Provide the highest level of protection. The validation process includes the complete organization validation, and the request for the certificate must be submitted on paper, with a government issued stamp and a signature of the person in charge.