As an Acquia customer, you have the ability to upload SSL certificates through your Cloud UI to protect your Drupal website. (For steps on installing and updating an SSL certificate see our article, Installing an SSL certificate).
However, there are different types of SSL certificates. Below we discuss the different types available to our customers to purchase through a third-party Certificate Authority(CA) vendor of their choice.
Extended Validation Certificates (EV SSL)
The Extended Validation Certificate is the highest-ranking SSL certificate with the most amount of authority and is strongly encrypted. When purchased the Certificate Authority has to establish the legal entity behind the Organisation asking for the certificate.
Organization Validated Certificates (OV SSL)
The Organization Validation SSL certificate's primary is similar to an EV SSL. However, its primary purpose is to give the customer confidence that the sensitive information that is passing over an encrypted connection is being communicated to the Organisation that's represented in the domain.
Domain Validated Certificates (DV SSL)
Domain Validation SSL Certificate has minimal encryption, and the validity of the purchaser need proof of ownership of the domain. The validation process for this type of SSL certificate does not require the Certificate Authority to obtain a large amount of information to validate the SSL certificate.
Wildcard SSL Certificate Multi-Domain SSL Certificate (MDC)
Wildcard SSL certificates allow for an SSL connection between a customer and Organisation encrypted like all the others mentioned above, additionally thought the Certificate Authority allows the Organisation to encrypt unlimited first-level subdomains, for example, qa.domian.com or www.domain.com.
Unified Communications Certificate (UCC)
Unified Communications Certificate use a single SSL certificate where the Organisation specifically names each domain that is going to be encrypted. The difference between an MDC and UCC is a UCC is absolute. If the Organisation wanted to add another subdomain, they would have to go back to the Certificate Authority to get new subdomains added.
Elliptic Curve Cryptography (ECC)
Elliptic Curve Cryptography is an alternative to the RSA encryption standard that uses a mathematical principle of calculating the discrete logarithm of a random elliptic curve to generate its encryption keys. There are some drawbacks, though, mostly related to universal acceptance and the computational power of the connecting devices, and you should discuss those with your certificate vendor before procurement.