{"id":1622,"date":"2025-11-10T16:38:58","date_gmt":"2025-11-10T13:38:58","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/dv-vs-ov-vs-ev-vs-wildcard-ssl-the-friendly-guide-to-choosing-the-right-certificate-for-e%e2%80%91commerce-and-saas\/"},"modified":"2025-11-10T16:38:58","modified_gmt":"2025-11-10T13:38:58","slug":"dv-vs-ov-vs-ev-vs-wildcard-ssl-the-friendly-guide-to-choosing-the-right-certificate-for-e%e2%80%91commerce-and-saas","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/en\/dv-vs-ov-vs-ev-vs-wildcard-ssl-the-friendly-guide-to-choosing-the-right-certificate-for-e%e2%80%91commerce-and-saas\/","title":{"rendered":"DV vs OV vs EV vs Wildcard SSL: The Friendly Guide to Choosing the Right Certificate for E\u2011commerce and SaaS"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><p>I still remember a Tuesday launch that almost didn\u2019t happen. The product pages were beautiful, the checkout was buttery smooth, and the hype was real. Then, five minutes into testing, someone noticed the browser\u2019s little padlock wasn\u2019t showing consistently on a few subpages. Cue the room going quiet. The site technically worked, but psychology took over: if the padlock flickers, carts get abandoned. We pressed pause, fixed the cert chain, and learned a lesson I\u2019ve never forgotten\u2014SSL is not just encryption; it\u2019s confidence, it\u2019s narrative, it\u2019s that warm feeling of \u201cwe\u2019ve got you.\u201d<\/p>\n<p>If you\u2019ve ever stared at a certificate order form wondering whether to pick DV, OV, EV, or a wildcard, I\u2019ve been there. I\u2019ve helped stores choose between \u201cship today with DV\u201d and \u201cwait for OV paperwork\u201d more times than I can count. And on the SaaS side, when multi-tenant subdomains and customer vanity domains enter the chat, the question isn\u2019t theoretical anymore\u2014it impacts your deployment pipeline, your support queue, and your brand.<\/p>\n<p>So let\u2019s talk about it\u2014no fluff, no scare tactics, just the real-world moments when DV makes perfect sense, when OV or EV earns its keep, and how wildcard SSL fits into the picture without becoming a maintenance headache. By the end, you\u2019ll have a simple, practical playbook you can use the next time a checkout page, a tenant subdomain, or an investor demo depends on that tiny padlock doing its job.<\/p>\n<div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#What_SSL_certificates_Actually_Promise_and_What_They_Dont\"><span class=\"toc_number toc_depth_1\">1<\/span> What SSL certificates Actually Promise (and What They Don\u2019t)<\/a><\/li><li><a href=\"#DV_OV_EV_in_Ecommerce_Picking_the_Right_Level_of_Proof\"><span class=\"toc_number toc_depth_1\">2<\/span> DV, OV, EV in E\u2011commerce: Picking the Right Level of Proof<\/a><\/li><li><a href=\"#Wildcard_SSL_in_the_Real_World_Flexibility_With_Strings_Attached\"><span class=\"toc_number toc_depth_1\">3<\/span> Wildcard SSL in the Real World: Flexibility, With Strings Attached<\/a><\/li><li><a href=\"#SaaS_Playbook_Tenant_Subdomains_Custom_Domains_and_Automation_Without_Drama\"><span class=\"toc_number toc_depth_1\">4<\/span> SaaS Playbook: Tenant Subdomains, Custom Domains, and Automation Without Drama<\/a><\/li><li><a href=\"#Issuance_Hurdles_and_Renewal_Nightmares_and_How_to_Dodge_Them\"><span class=\"toc_number toc_depth_1\">5<\/span> Issuance Hurdles and Renewal Nightmares (and How to Dodge Them)<\/a><\/li><li><a href=\"#Performance_Trust_and_Those_Subtle_UX_Signals\"><span class=\"toc_number toc_depth_1\">6<\/span> Performance, Trust, and Those Subtle UX Signals<\/a><\/li><li><a href=\"#Rules_of_Thumb_How_I_Choose_Without_Overthinking_It\"><span class=\"toc_number toc_depth_1\">7<\/span> Rules of Thumb: How I Choose Without Overthinking It<\/a><ul><li><a href=\"#The_ecommerce_version\"><span class=\"toc_number toc_depth_2\">7.1<\/span> The e\u2011commerce version<\/a><\/li><li><a href=\"#The_SaaS_version\"><span class=\"toc_number toc_depth_2\">7.2<\/span> The SaaS version<\/a><\/li><\/ul><\/li><li><a href=\"#Compliance_and_Reality_Checks_Without_the_Drama\"><span class=\"toc_number toc_depth_1\">8<\/span> Compliance and Reality Checks Without the Drama<\/a><\/li><li><a href=\"#A_Few_Stories_That_Shaped_My_Playbook\"><span class=\"toc_number toc_depth_1\">9<\/span> A Few Stories That Shaped My Playbook<\/a><\/li><li><a href=\"#WrapUp_The_Simple_Honest_Way_to_Choose\"><span class=\"toc_number toc_depth_1\">10<\/span> Wrap\u2011Up: The Simple, Honest Way to Choose<\/a><\/li><\/ul><\/div>\n<h2 id=\"section-1\"><span id=\"What_SSL_certificates_Actually_Promise_and_What_They_Dont\">What <a href=\"https:\/\/www.dchost.com\/ssl\">SSL certificate<\/a>s Actually Promise (and What They Don\u2019t)<\/span><\/h2>\n<p>Here\u2019s the thing that\u2019s both comforting and confusing about certificates: every modern certificate\u2014DV, OV, EV, wildcard\u2014does the same fundamental job at the protocol level. They all enable HTTPS so data travels encrypted. That\u2019s the baseline and, for many use cases, it\u2019s enough.<\/p>\n<p>Where they differ is the <strong>story of identity<\/strong> they tell. A DV (Domain Validation) certificate says, \u201cThe party controlling this domain approved this certificate.\u201d That\u2019s it. An OV (Organization Validation) certificate adds, \u201cAnd we verified there\u2019s a real legally registered organization behind this domain.\u201d EV (Extended Validation) takes it further: \u201cWe validated the organization\u2019s identity in a stricter, more detailed way.\u201d You still get encryption either way, but the identity signal gets stronger as you go up the chain.<\/p>\n<p>Now, a quick reality check. Modern browsers no longer throw a parade for EV like they used to\u2014no more permanent green bar showmanship. That doesn\u2019t mean EV is useless; it simply means users won\u2019t always see an obvious visual difference. The value shifts to specific scenarios: compliance checklists, procurement policies, and industries where legal identity display and auditability matter.<\/p>\n<p>Wildcard, by the way, is a <strong>scope<\/strong> thing, not a validation level. You can get a wildcard that\u2019s DV or OV, but not EV. The wildcard part means your certificate covers many subdomains under the same root, like <strong>*.example.com<\/strong>. That\u2019s flexibility, with caveats we\u2019ll dig into later.<\/p>\n<h2 id=\"section-2\"><span id=\"DV_OV_EV_in_Ecommerce_Picking_the_Right_Level_of_Proof\">DV, OV, EV in E\u2011commerce: Picking the Right Level of Proof<\/span><\/h2>\n<p>Let me tell you about a boutique apparel site that called me two days before Black Friday. They had a DV cert from a common CA and were worried it \u201cwasn\u2019t professional enough.\u201d They imagined a magical conversion boost by switching to EV. I get the instinct\u2014when you\u2019re in the trenches, you want every edge. But the honest advice was simple: with a hosted payment gateway, a clean brand experience, and clear trust signals (like reviews, return policy, and consistent domain), <strong>DV was absolutely fine<\/strong>. We focused on performance and reliability instead, and they had their best weekend ever.<\/p>\n<p>So, when does OV or EV earn its keep for an online store? Three moments come to mind. First, if your risk team or a partner\u2019s checklist requires organizational validation, OV is a straightforward way to show \u201cthis site is operated by a vetted company.\u201d Second, if you\u2019re processing cards on your own pages and working through a longer compliance playbook, the paper trail that OV provides can help during audits. Third, if your brand lives in a space where trust is fragile\u2014financial services, charity donations, healthcare portals\u2014EV can be a signal worth sending, even if browsers don\u2019t highlight it like the old days. It ties your domain explicitly to a registered, thoroughly verified legal entity.<\/p>\n<p>But don\u2019t underestimate DV. Most modern storefronts, especially those integrating with hosted payment pages or tokenized gateways, lean on DV for speed, automation, and renewals that never miss a beat. And since the actual encryption strength is the same, your users\u2019 data isn\u2019t less safe because you chose DV. If your checkout redirects to a payment provider or uses embedded PCI-compliant SDKs, the certificate decision should align with operational simplicity first.<\/p>\n<p>There\u2019s one more human factor: familiarity. If your customer base is non-technical, they rarely differentiate between DV and EV at a glance. The trust they feel often comes from steady HTTPS across the entire site, zero mixed content warnings, and a consistent domain from browsing to checkout. Nothing kills confidence like a domain hop or a scary interstitial. Nail the continuity and you\u2019ve already won half the battle.<\/p>\n<h2 id=\"section-3\"><span id=\"Wildcard_SSL_in_the_Real_World_Flexibility_With_Strings_Attached\">Wildcard SSL in the Real World: Flexibility, With Strings Attached<\/span><\/h2>\n<p>Think of a wildcard certificate as an all-access pass for subdomains. Need <strong>app.example.com<\/strong>, <strong>api.example.com<\/strong>, <strong>assets.example.com<\/strong>, and a few others covered? A wildcard can do that with a single cert. It feels like magic when you\u2019re juggling many subdomains or spinning up environments on the fly. I\u2019ve used them for internal tools, staging farms, and microservices fronted by a single domain\u2014super convenient.<\/p>\n<p>But convenience has a cost. The biggest tradeoff is <strong>key distribution<\/strong>. If that private key ends up on ten servers, suddenly your blast radius is bigger. If one server gets compromised, you\u2019re rotating a certificate everywhere. That\u2019s why I prefer scoping carefully. Use a wildcard when you truly need the coverage and can automate renewals, but consider separate certs for high-risk or externally exposed endpoints. Short lifetimes and automated rotation help too.<\/p>\n<p>One important detail: <strong>EV wildcards don\u2019t exist<\/strong>. If you want the organization identity story that EV tells, you\u2019ll need to cover each hostname explicitly. For most teams, OV or DV wildcards fit the bill, and the difference shows up in your procurement paperwork more than in a user\u2019s browser chrome.<\/p>\n<p>For issuance, many teams lean on ACME providers for wildcard certs using DNS challenges. If you\u2019re curious how domain control validation actually works under the hood, this overview of <a href=\"https:\/\/letsencrypt.org\/docs\/challenges\/\" rel=\"nofollow noopener\" target=\"_blank\">how domain control validation actually works<\/a> is a handy refresher and can help you plan your automation. In practice, once DNS is in your IaC flow, renewals become background noise.<\/p>\n<h2 id=\"section-4\"><span id=\"SaaS_Playbook_Tenant_Subdomains_Custom_Domains_and_Automation_Without_Drama\">SaaS Playbook: Tenant Subdomains, Custom Domains, and Automation Without Drama<\/span><\/h2>\n<p>SaaS brings its own flavor of certificate puzzles, and I love it because it\u2019s where good automation pays off big. If your app provisions tenant subdomains\u2014say <strong>acme.yourapp.com<\/strong>\u2014you\u2019ve got choices. You can front the platform with a wildcard and route tenants internally, or issue per\u2011subdomain DV certs on demand. Both work. Wildcards are simple, but per\u2011subdomain certs keep keys isolated and can be rotated independently. I tend to choose based on operational comfort: if my team already has solid ACME tooling, on\u2011demand DV per tenant is clean and scales beautifully.<\/p>\n<p>Custom domains are where teams get tripped up. A customer wants <strong>portal.customer.com<\/strong> to point to your SaaS. If you control DNS for <strong>customer.com<\/strong>, it\u2019s easy. But you usually don\u2019t. You\u2019ll need a validation path that fits the customer\u2019s reality. Some platforms use a CNAME to a verification host, then issue certs on demand; others integrate DNS provider APIs or offer step\u2011by\u2011step DNS-01 instructions. It sounds minor, but that first\u2011time setup dictates how many support tickets you\u2019ll open next quarter. If your Sweet Spot is \u201cwe give them a record to set once and the rest is automatic,\u201d your support team will send you thank\u2011you coffee.<\/p>\n<p>One of my clients tried to secure thousands of custom domains with manual CSR generation and email validation. You can probably imagine how that went. Projects stalled, renewals crept up, and the operational anxiety became real. We moved to automated DV issuance with short\u2011lived certs, invested in better observability, and the pressure evaporated. The whole platform felt calmer because certs stopped being calendar items and became just another reliable background task.<\/p>\n<p>Should a SaaS ever push for OV or EV? Sometimes. If your landing domain (the marketing site, billing portal, or status page) needs a stronger identity story\u2014for example, enterprise procurement reviews or legal\/compliance checklists\u2014OV can make those conversations easier. EV is rare in SaaS, but I\u2019ve seen it for B2B products servicing highly regulated industries where trust optics matter in RFPs. The app traffic itself usually runs happily on DV, while the \u201ccorporate\u201d endpoints carry the heavier validation.<\/p>\n<p>If you\u2019re curious about the nuts and bolts of standing up a production web stack with sane TLS defaults and zero\u2011downtime deployment, I\u2019ve written <a href=\"https:\/\/www.dchost.com\/blog\/en\/node-jsi-canliya-alirken-panik-yapma-pm2-systemd-nginx-ssl-ve-sifir-kesinti-deploy-nasil-kurulur\/\">my no\u2011drama playbook for taking Node.js live with Nginx and SSL<\/a>. The tooling specifics may differ if you\u2019re on Go, Rails, or Laravel, but the rhythm\u2014automate, observe, rotate\u2014holds across stacks.<\/p>\n<h2 id=\"section-5\"><span id=\"Issuance_Hurdles_and_Renewal_Nightmares_and_How_to_Dodge_Them\">Issuance Hurdles and Renewal Nightmares (and How to Dodge Them)<\/span><\/h2>\n<p>The biggest difference between certificate levels isn\u2019t what users see\u2014it\u2019s the process you go through to get them. DV can land in minutes. OV adds some back\u2011and\u2011forth: paperwork, business registry checks, maybe a phone call verification. EV takes longer, with more stringent checks. That\u2019s not a complaint; it\u2019s the point. But it means you should plan for it. If your go\u2011live depends on OV or EV, start early and keep your legal entity details tidy. The time sink is rarely technical; it\u2019s administrative.<\/p>\n<p>On the technical side, domain control validation is where many teams stub their toes. HTTP-01 is quick if you can serve a file at a specific path, but it\u2019s brittle if you have complex routing or strict edge caching. DNS-01 is more robust and is practically a requirement for wildcard certificates, but it means your DNS changes must be fast and automatable. Email-based validation exists, but in my experience, it\u2019s an invitation for delays and confusion, especially in larger orgs.<\/p>\n<p>Then there are CAA records. They\u2019re small, powerful, and sometimes the silent reason issuance fails. CAA tells the world which CAs are allowed to issue for your domain. If you use them\u2014and you should\u2014make sure they include every CA you rely on. Change your CA down the road? Update CAA before your renewal window hits, not after. I\u2019ve had three separate \u201ceverything broke at midnight\u201d incidents that traced back to CAA mismatches. Each one was preventable with a tiny line in code.<\/p>\n<p>I also recommend having a mental playbook for emergencies: what happens if a private key might be compromised? Who can revoke, who can reissue, and how fast can you roll? If your wildcard is spread across many nodes, prepare a one\u2011click redeploy that swaps keys, updates configs, and reloads services gracefully. It\u2019s not glamorous, but it\u2019s the kind of quiet confidence your team feels when they sleep through the night.<\/p>\n<h2 id=\"section-6\"><span id=\"Performance_Trust_and_Those_Subtle_UX_Signals\">Performance, Trust, and Those Subtle UX Signals<\/span><\/h2>\n<p>Most users won\u2019t notice your cipher suites or key types, but they\u2019ll feel the difference between a site that loads immediately and one that hesitates. TLS handshakes are fast nowadays, especially with HTTP\/2 or HTTP\/3, but a few details still matter. Use modern protocols, enable session resumption, and prefer ECDSA certificates if your client base is modern enough\u2014RSA + ECDSA dual\u2011stacking is a nice compromise if you want compatibility.<\/p>\n<p>I like to staple OCSP responses at the edge so browsers don\u2019t have to go hunting for revocation status. HSTS is another quiet win once you\u2019re fully HTTPS, but treat it carefully\u2014once you preload, you\u2019re committing. That commitment is wonderful when everything\u2019s steady, but double\u2011check every subdomain and redirect before you flip that switch. Pretty sure a decade ago I cost myself a weekend by preloading before migrating an old image CDN. It wasn\u2019t catastrophic, just\u2026 educational.<\/p>\n<p>If you want a sanity check while tuning your TLS config, the presets at <a href=\"https:\/\/ssl-config.mozilla.org\/\" rel=\"nofollow noopener\" target=\"_blank\">Mozilla\u2019s server-side TLS guidelines<\/a> are a pragmatic starting point. You don\u2019t need to obsess over every knob to get 95% of the benefit. Pick a sensible baseline, test the real user experience, and move on with your life.<\/p>\n<h2 id=\"section-7\"><span id=\"Rules_of_Thumb_How_I_Choose_Without_Overthinking_It\">Rules of Thumb: How I Choose Without Overthinking It<\/span><\/h2>\n<h3><span id=\"The_ecommerce_version\">The e\u2011commerce version<\/span><\/h3>\n<p>If you\u2019re launching a store today and your payment gateway hosts the sensitive bits, a DV certificate is the quickest, least fragile path. You still get full encryption, and you can automate issuance and renewal so it never turns into a calendar fire drill. If your procurement or compliance folks need evidence of organizational vetting, step up to OV. If your brand and industry benefit from a stronger, audit\u2011friendly identity story, EV can be worth the extra paperwork\u2014just don\u2019t expect a glowing green bar to drive conversions by itself.<\/p>\n<h3><span id=\"The_SaaS_version\">The SaaS version<\/span><\/h3>\n<p>For tenant subdomains under your domain, DV per hostname or a wildcard both work. Choose based on your automation maturity and how you feel about key distribution. For customer vanity domains, plan for DNS-01 flows or CNAME\u2011based verification so you can issue DV certs without manual fiddling. Keep the marketing and corporate endpoints on whatever validation level helps your enterprise sales team breathe easy\u2014often OV is the sweet spot there.<\/p>\n<p>And a last little nudge: don\u2019t let \u201cperfect\u201d block \u201cshipped.\u201d I\u2019ve watched teams delay launches for weeks to chase EV when DV would have let them learn from real users immediately. You can always upgrade validation later without changing URLs or confusing customers.<\/p>\n<h2 id=\"section-8\"><span id=\"Compliance_and_Reality_Checks_Without_the_Drama\">Compliance and Reality Checks Without the Drama<\/span><\/h2>\n<p>Certificates are one part of a bigger trust story. If you accept payments, your responsibilities are broader than the padlock. Even when the gateway hosts the card details, it\u2019s worth skimming the <a href=\"https:\/\/www.pcisecuritystandards.org\/pci_security\/\" rel=\"nofollow noopener\" target=\"_blank\">official PCI DSS overview<\/a> to understand where your boundaries are. Simple measures\u2014secure headers, thoughtful redirects, consistent domains\u2014often do more for user trust than a fancier certificate label.<\/p>\n<p>Also, if your brand is sensitive to impersonation, keep an eye on certificate transparency dashboards and your domain registry settings. Simple things like consistent WHOIS data, DNS change controls, and CA authorization records (CAA) close a lot of doors before trouble even knocks. It\u2019s not paranoia; it\u2019s housekeeping.<\/p>\n<h2 id=\"section-9\"><span id=\"A_Few_Stories_That_Shaped_My_Playbook\">A Few Stories That Shaped My Playbook<\/span><\/h2>\n<p>One client insisted on EV for their donate pages. We planned it well in advance, got the paperwork right on the first pass, and integrated it into their edge CDN. Did it change conversion rates overnight? Not dramatically. What it did change was their internal confidence and the ease of passing third\u2011party reviews. They stopped having the \u201cis this real?\u201d conversation with partners. That\u2019s worth something you can\u2019t always measure in analytics.<\/p>\n<p>Another team tried to cover everything with a single wildcard, then copied the private key to a dozen nodes across regions. That worked until one staging box went walkabout. The post\u2011mortem wasn\u2019t fun, but the fix was elegant: we split the architecture so the wildcard served internal tools only, issued per\u2011service certs for the public edge, and turned renewals into an automated job with tight scopes. Suddenly, a key leak would only mean rotating one piece, not the whole world.<\/p>\n<p>And maybe my favorite: a small SaaS with big dreams that shipped with DV, brave and unapologetic. They stayed focused on uptime and snappy performance, used sensible TLS settings, and added OV later when their enterprise sales cycle asked for it. There was no drama, just growth. I wish more teams would give themselves that permission.<\/p>\n<h2 id=\"section-10\"><span id=\"WrapUp_The_Simple_Honest_Way_to_Choose\">Wrap\u2011Up: The Simple, Honest Way to Choose<\/span><\/h2>\n<p>If we strip away the noise, choosing a certificate is a choice about validation level and scope. DV gives you fast, solid encryption and a path to full automation. OV adds a clear organizational badge and smooths compliance conversations. EV is there when your legal identity needs to be unmistakable after deeper vetting. Wildcard, meanwhile, is a convenience feature\u2014great for many subdomains when you have a good handle on key distribution and renewals.<\/p>\n<p>For most e\u2011commerce sites getting started or migrating, DV is the right first step. If your process or partners require more, OV is a practical upgrade. EV has its place, but it\u2019s a tool for specific trust and audit needs, not a magic conversion lever. In SaaS, lean on DV and automation for tenant and custom domains, sprinkle in OV for corporate endpoints when enterprise buyers ask, and keep an eye on operational simplicity so certs don\u2019t become your team\u2019s Monday morning surprise.<\/p>\n<p>And if you\u2019re tuning the engine under the hood, borrow good defaults and move on with your day. The people buying from you won\u2019t applaud your curve preferences\u2014but they will feel a site that loads instantly, stays secure, and never throws a certificate warning. Hope this was helpful! If you\u2019ve got a launch coming up and want to sanity\u2011check your cert plan, drop me a note\u2014happy to be your calm second opinion.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>I still remember a Tuesday launch that almost didn\u2019t happen. The product pages were beautiful, the checkout was buttery smooth, and the hype was real. Then, five minutes into testing, someone noticed the browser\u2019s little padlock wasn\u2019t showing consistently on a few subpages. Cue the room going quiet. The site technically worked, but psychology took [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1623,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-1622","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/posts\/1622","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/comments?post=1622"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/posts\/1622\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/media\/1623"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/media?parent=1622"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/categories?post=1622"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/en\/wp-json\/wp\/v2\/tags?post=1622"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}