Protect your business and your users from data theft
by securing traffic with site-wide SSL.

With the recent announcement from Google about SEO ranking boosts for HTTPS everywhere-enabled websites, many companies are looking to secure their entire site with SSL Certificates. Always-On SSL (AOSSL) is considered a best practice by many standards bodies because it encrypts user sessions the entire time they are on your site, not just on certain pages. Many large companies like Twitter, PayPal, Facebook, and Microsoft have already enabled AOSSL on their sites to better protect their users.

Enabling Always-On SSL Is Easy with DigiCert

Enabling Always-On SSL doesn’t have to be difficult. At DigiCert, we understand that most IT administrators don’t deal with SSL Certificates every day. That’s why we try to make it as painless as possible to get your cert and get it up and running. We’ve built an arsenal of powerful tools to automate what we can and have customer support representatives standing by to help you if you run into problems.

Powerful Tools

Our innovative development team has created tools to help with every step of the certificate management lifecycle, from network analysis & discovery, to procurement, provisioning, monitoring, and even remediation.

Award-Winning Customer Service

We think that support is one of the most crucial parts of our business, so we don't outsource or have phone queues. And our support team will answer questions about any certificate, not just a DigiCert certificate.

Fast Issuance

DigiCert’s validation teams work around-the-clock to issue certificates. And their work has paid off—not only do we have some of the fastest issuance times out of any CA, we can even issue an EV certificate in a matter of hours!

5-Star Reviews

DigiCert has the highest rating of any Certificate Authority in the world. In fact, we are the only Certificate Authority to have earned a 5-star rating on

What Kind of Certificate Should I Use?

To protect your whole domain with the appropriate level of security, DigiCert recommends that companies with larger sites use a combination of a Wildcard and an Extended Validation (EV) SSL Certificate.

Learn more about when to use a Wildcard and EV certificate »

Wildcard certificates use Subject Alternative Names (SANs) to secure a domain and all of its first-level subdomains. Using a Wildcard is a convenient and cost-effective alternative to a single-name SSL Certificate if you want to secure an entire domain with a single certificate.

However, some areas of your site need the enhanced trust and visual cues offered only by an EV certificate. EV certificates give the most important areas of your site the ‘green bar’ and are proven to increase shopping cart rates and enhance user trust.


Q: Will AOSSL affect site performance?
ANSWER: Some IT organizations are still worried about the implications of enabling site-wide SSL. One major concern was that SSL will affect a site’s load time, thus affecting user experience and SEO rank. Part of this affect is because of the SSL handshake, but much of it is because the browser needs to wait for the issuer of the certificate to confirm that the certificate is valid before the page will load. So it’s true that Always-On SSL will cause some network latency due to the additional complexity; unless you consider performance when making the switch. Companies that choose their Certificate Authority carefully can avoid affecting the performance of their sites. When choosing a Certificate Authority there are many factors to take into account; however, when you’re thinking about performance, revocation checking (OSCP response time) is one of the most important factors since it will influence site speed. With DigiCert, you don’t need to choose between security and speed. With OCSP response times over 4x times faster than our competitor’s, our certificates are the clear choice for performance-minded companies.
Q: Do I need to buy more hardware or equipment?
ANSWER: Other concerns with Always-On SSL included that it would be computationally expensive. Some organizations are under the misconception that Always-On SSL will increase operational overhead costs and hardware requirements. However, due to improvements in server computing power this is no longer an issue. When Google implemented Always-On SSL, their researchers performed extensive tests on the computational load and determined that even for their high-volume site there was no need for additional hardware in their IT infrastructure.
Q: What is the biggest thing I can do to make implementing AOSSL easy?
ANSWER: Most of the concerns surrounding implementing Always-On SSL can be solved by proper implementation and choosing the right certificate. DigiCert’s wide array of products and cutting-edge technology are a perfect fit for companies looking to implement SSL site-wide. And, with our support team standing by, we’re here to help you throughout the process.

OCSP Response Times