There are different types of SSL certificate with different costs. Due to the difference in the depth of the initial verification procedure, the time taken to obtain a certificate varies from almost immediate to 10 days.
Anyone can create their own "self-signed" certificate. There is no cost to this but it is fairly useless as a means to protecting your website. This is because no trusted third party verified the authenticity of the certificate. However it can be useful to ensure that your new website will work correctly once a proper certificate is purchased. In theory it can be used for an intranet that is only accessible from within the firewall. However staff will not appreciate the message that browsers display when accessing a website that uses a "self-signed" certificate:
Also known as Low Assurance certificates, these are the most basic certificate provided by a 3rd party. It is used to verify the website domain. It does not verify the organisation that operates the website. The issuer will verify that the applicant has registered the domain name to which the certificate will be associated. It provides basic security but a hacker can still gain access to your customers' information.
Also known as High Assurance certificates, these certificates verify that the applicant's business is correct, as well as their domain name.
Before an EV certificate is issued, the issuer will check the person applying, their organisation and the domain.
The result is the highly trusted green bar and company name being displayed in the browser. This will give ultimate confidence to customers to finalise their transaction.
