FR Sign in shopping_bag Get started
Domains Find a domain Transfer in Pricing WHOIS lookup DNS management Hosting Plans & pricing WordPress hosting How we compare Free migration Security SSL certificates Which SSL do I need? Resources Email hosting Blog Who runs on us About GigaGlobe API Partner program Help center Contact us Cart Sign in Get started FR
menu_book SSL guide

Which SSL certificate do I actually need?

Three tiers, two scopes, one decision. Here is a 90-second tour of every option — written for humans, not certificate authorities.

What you need DV OV EV
Encrypts trafficcheck_circlecheck_circlecheck_circle
Verifies you own the domaincheck_circlecheck_circlecheck_circle
Verifies your business existscancelcheck_circlecheck_circle
Multi-step audited validationcancelcancelcheck_circle
Issuance timeMinutes1–3 days3–7 days
Warranty10 000 $1 M$1,5 M$
Our price (per year)From $9.99From $79.99From $199.99
Best forBlogs, marketing sites, SaaSB2B SaaS, regulated businessBanks, payments, government

Domain Validation (DV)

The cheapest and fastest tier. The certificate authority checks that you control the domain — typically by asking you to publish a TXT record or click a link in an email — and issues the certificate in minutes.

When to choose DV: blogs, portfolios, marketing sites, most SaaS apps, internal tools. If your site doesn't take payments and isn't in a regulated industry, DV is almost certainly all you need.

What about LetsEncrypt? LetsEncrypt is free DV — and excellent. We install it on every hosting plan automatically. Paid DV mostly makes sense when you need a longer-lived certificate (one year vs LetsEncrypt's 90 days), a warranty, or a cert on a platform where ACME isn't supported.

Organization Validation (OV)

The CA also verifies that your business exists, is in good standing, and that you're authorized to request a certificate on its behalf. This takes 1–3 business days, and your organization's name appears in the certificate details.

When to choose OV: B2B SaaS where customers might inspect your cert, regulated industries (healthcare, fintech), businesses where being a verifiable entity matters. The trust signal is real if your buyer is technical.

Extended Validation (EV)

The most rigorous tier. The CA performs the same checks as OV plus a multi-step audit — phone verification, principal validation, on-the-ground confirmation. Modern browsers no longer show the green address bar (Chrome dropped it in 2019), but the validation level remains the gold standard.

When to choose EV: banks, payment processors, ecommerce platforms moving real money, government sites. If a phishing attack on your domain would be catastrophic, EV is worth the validation overhead.

Wildcard

Orthogonal to the three tiers above. A wildcard certificate covers *.example.com — every direct subdomain — under one cert. Available in DV and OV flavors.

When to choose Wildcard: any time you have three or more subdomains, or you're running multi-tenant SaaS with customer subdomains. One cert, every host, one renewal.

SAN (Subject Alternative Name)

A SAN certificate covers a specific list of hostnames — useful when you have a handful of unrelated domains and don't want a separate cert for each. Add up to 250 hostnames to one cert.

The quick decision

If you don't want to read the whole guide.

90% of customers

You're a normal business?

Get DV. Our LetsEncrypt is free with hosting. Paid DV starts at $9.99/year if you need a warranty.

DV plans
B2B / regulated

Handling money or data?

Get OV. $79.99/year for verified business identity that shows in cert details. Trusted by enterprise buyers.

OV plans
Regulated institution

Bank, gov, or major fintech?

Get EV. $199.99/year. The most rigorous validation available — usually mandatory at your scale anyway.

EV plans
Still not sure?

Tell us your stack — we'll tell you what fits.

support_agent Ask sales See all plans