Are you wanting to set up a Prestashop store, but are confused about SSL certificates? Never fear, this article is here. I will teach you about the differences between the different types of certificates and everything you need to know to make the most informed decision.
Choosing the SSL Certificate
This is the first step, you need to decide what kind of SSL certificate that you want. There are 4 basic kinds of SSL certificates, I will explain them below. One basic requirement of having an SSL certificate is having a dedicated IP address for your site. Most hosts charge only a few dollars a month for a dedicated IP address and some even have plans that include them.
Domain Validation SSL Certificate
These are the bare minimum that you need to protect your site. They are very affordable, usually around $8-$12 per year. Compared to the other other certificates, there is nothing wrong with these, they just do not offer the warranty protection that some of the other certificates offer. That being said in my time in e-commerce I have never known anyone to use the warranty either. Below is what an address bar using a standard certificate looks like.
Organizational Validation SSL Certificate
Organizational validation certificates are a middle ground certificate. They validate the company or organization getting the certificate, doing this they are supposed to gain a higher level of trust. They do not turn the toolbar green like a EV certification though. But they do have warranties attached to them unlike with the domain validated certificates. As for pricing they usually cost around $40 per year and that includes a $50,000 warranty.
EV SSL Certificate
These certificates are called Extended Verification certificates. Unlike the regular certificates, these verify your company information and can take several days to issue. They usually come with a warranty between $250k and $1.5m. The good thing about these certificates is they are the ones that turn your toolbar green and have your company name in the bar. Below is an image of Paypal’s EV certificate. Studies by certificate authorities say that the green bar increases sales and trust. Studies by independent companies say it does not matter. As for cost these are among the most expensive starting around $150 per year and going up from there.
Wildcard SSL Certificate
A wildcard certificate can be issued in either a standard, organizational, or EV certificate. The difference in a wildcard certificate and normal certificate is that it can secure unlimited sub domains. So if you wanted to secure blog.yoursite.com, payment.yoursite.com, and yoursite.com you would need to use a wildcard certificate. Basically any sub domain under yoursite.com would be secured using one of these certificates. The main reason for using one of these certificates with e-commerce is that you can have your store at yoursite.com, but then have the checkout process go to something like checkout.yoursite.com. These certificates are generally the most expensive in their validation class. They start out around $100 for a standard and $170 for an organizational validated certificate.
Multiple Domain Certificate
Multiple domain certificates work exactly like you would expect, they cover multiple domains. This is a good certificate to use if you have a site that geo targets users to a domain. Like for instance if you send US users to site.com and UK users to site.co.uk. You can have one SSL certificate that covers both domains. Or if you use Prestashop multi-shop and are operating several different stores, you can set them up to use a multiple domain certificate so that you only have to have one IP address for all of the stores. The multiple domain certificates are are available in standard, organizational, and EV versions. The prices range from around $30 for a standard certificate to $250 for an EV multiple domain certificate.
Once you get your SSL certificate and get your host to install it, you can activate SSL in your Prestashop store. To do this in the back office go to Preferences > General. In there the screen will look like the image below.
Once you click on that, Prestashop will redirect you to the SSL page to test that SSL is working properly on your server. If it is you will have the option to enable SSL. Once you enable it, your shop will be able to take orders securely and your customers data will not be at risk.
One note I would like to make is that since Heartbleed has happened fairly recently, it would be a good idea to check with your host to see if your site has been patched.
About the Author: Lesley Paone
Lesley has worked in e-commerce for over a decade, and is the founder of dh42. Starting out with PrestaShop and brancing out into other platforms like Shopify. He loves all things e-commerce and loves a challenge, in his spare time he helps moderate several forums on SEO, e-commerce, as well as the PrestaShop forum. If you have any questions for him about any of his articles just use our contact form to contact him.