In order to install and implement SSL/TLS on your website, first you have to obtain a certificate. These certificates can be purchased online, but they come in different types, prices, and get issued from different authorities. In order to know what’s best for your business website, let’s discuss the certificate authority in more detail.



A certificate authority (CA) is an entity that issues SSL/TLS licenses. They have their own private key to sign the issued certificate, which is known as the root certificate. Websites with root certificates are considered “trusted sites” by commonly-used browsers. If a website has an SSL/TLS certificate that’s not issued by a root certificate authority, you will get a pop-up window warning you the security certificate isn’t from a trusted source.



The most well-known certificate authority is Verisign, but other popular ones include GeoTrust, Thawte, Symantec, and Comodo.



SSL/TLS certificates come in three different types: single-domain, multi-domain, or wildcard:



- A single-domain certificate can be used on one website, such as pspinc.com.



- A multi-domain certificate can be used on more than one website, such as pspinc.com, dreamersi.com, pspchildrensfoundation.org.



- A wildcard certificate can be used on one domain with an unlimited number of subdomains, such as pspinc.com, blog.pspinc.com, admin.pspinc.com, mailserver.pspinc.com.




It’s good to know this information in advance, so you aren’t completely in the dark when determining what kind of security certificate your website needs, and where to buy it. Next up, we’ll discuss how these certificates help validate the legitimacy of a website.