1 Free Website

SSL Certificates

SSL certificates, what they do and which kind your site needs

What SSL certificate do I need for my website?

An SSL certificate encrypts the connection between your visitors and your site and turns on HTTPS and the padlock. A standard domain-validated (DV) certificate is enough for most sites and is often free. Use a wildcard certificate to cover all your subdomains at once, and an organization or extended validation certificate when you need to prove your business identity.

Jump to the tools Back to home

What an SSL certificate does

An SSL (now technically TLS) certificate encrypts the data that travels between a visitor's browser and your website, so passwords, form entries, and payment details cannot be read in transit. It is what switches your address from http to https and shows the padlock in the browser. Modern browsers flag sites without it as not secure, and search engines treat HTTPS as a basic expectation, so every site that collects any information, or simply wants to look trustworthy, needs one.

Certificates differ in two ways: how much of your site they cover, and how strongly they verify who you are. A regular certificate secures a single hostname, such as www.yourdomain.com. A wildcard certificate secures the main domain and all of its subdomains (mail, shop, blog, and so on) with one certificate, which is convenient when you run several subdomains.

Validation levels and free versus paid

Validation level is the other axis. Domain validation (DV) only confirms you control the domain and is issued in minutes; it is the right choice for personal sites, blogs, and most small business sites. Organization validation (OV) checks that your business is real. Extended validation (EV) is the most rigorous check of your legal identity. OV and EV are aimed at larger organizations and stores that want to display a verified business name, and they cost more and take longer to issue.

Free certificates, issued by services built into many hosting control panels, are domain-validated and perfectly legitimate; for most sites a free DV certificate is all you need. Paid certificates add stronger validation, warranties, and sometimes support, which matters more for commerce and brands. Whatever you choose, set it to renew automatically, because an expired certificate makes browsers show a security warning that scares visitors away.

What to check

What to look for

Act on this

Tools to act on this guide

Each slot below is reserved for a host, registrar, or tool we would use ourselves. We are adding them as we vet them; nothing here is a paid placement.

Reserved slot SSL certificate sign-up

Primary module to add a certificate.

Reserved slot Certificate type comparison

DV, OV, EV, and wildcard side by side.

Reserved slot Wildcard certificate option

For sites running multiple subdomains.

Questions

Frequently asked questions

Do I really need an SSL certificate?
Yes, in practice every site needs one. SSL encrypts data between your visitors and your site, enables HTTPS and the padlock, and prevents browsers from labelling your site as not secure. Even a simple brochure site benefits, because the not-secure warning erodes trust and search engines now expect HTTPS as a baseline.
What is the difference between a regular and a wildcard SSL certificate?
A regular certificate secures one hostname, such as www.yourdomain.com. A wildcard certificate secures the main domain and every subdomain under it (like mail, shop, and blog) with a single certificate. If you run several subdomains, a wildcard is more convenient and often cheaper than buying and managing a separate certificate for each one.
Is a free SSL certificate as good as a paid one?
For most sites, yes. Free certificates are domain-validated and provide the same encryption as paid DV certificates, which is why they are built into many hosting panels. Paid certificates add stronger identity validation (OV and EV), warranties, and support, which matter more for online stores and recognizable brands than for a personal blog.
What are DV, OV, and EV certificates?
They are validation levels. Domain validation (DV) only confirms you control the domain and issues in minutes, ideal for most sites. Organization validation (OV) verifies your business is real. Extended validation (EV) is the strictest check of your legal identity. Higher levels cost more and take longer, and suit organizations that want to display a verified business name.
What happens when an SSL certificate expires?
When a certificate expires, browsers stop trusting the connection and show a full-page security warning instead of your site, which drives visitors away immediately. Certificates have fixed lifespans, so the fix is to enable automatic renewal wherever your certificate is managed, so it reissues before expiry without you having to remember.

Keep exploring

1 Free Website is reader-supported. Some links on this site are affiliate links, which means we may earn a small commission when you sign up through them, at no extra cost to you. We only point to hosts, registrars, and tools we would use to launch our own site.