What are the types of SSL certificates?
SSL certificates come in three major categories: Domain Validated, Organizational Validated, and Extended Validation. This article will describe the differences.
First, it's important to note that the security level between these certificates is the same. The major difference between these certificates is the features, such as a site seal, or a "green bar" in the browser.
It is worth noting that as you go down the list, in general certificates are more expensive due to additional verification and features. If you're just starting out with a small budget, getting the top of the line EV SSL certificate for several hundred dollars is likely not needed, and you may not even have the business verification documents to complete the setup anyway.
1. Domain Validated
Domain validation certificates require that you only verify your ownership of your domain name. This verification is required to ensure that the SSL issuer is insuring the legitimate owners of the website, and not a fraudulent website. When you order your SSL, you'll normally have to select an administrative approval email address - which means this is restricted to things like email@example.com - firstname.lastname@example.org, or your whois contact email address. You will be sent an email with a link that you must click on to approve this certificate, and then it is generally issued immediately.
If you have purchased an SSL certificate through InclusiveHost that is domain validated, you can use our Auto SSL installer to have this automatically completed for you!
2. Organization Validated
This type of certificate has the same requirements as the domain validated certificate, meaning you have to still verify domain ownership by recieving and following instructions on an email sent to email@example.com, firstname.lastname@example.org, or your whois email address.
In addition to this domain validation, the SSL issuer has to ensure that your business is legitimate and you are who you say you are. This means you may have to provide recent (within 6 months) bank statements, utility statements, or other official documentation showing your business name and your address. They will also likely use online databases (such as d&b, the yellow pages) to check the authenticity of your provided information. An automated phone verification is also likely to be required. If any of this information is incorrect, the SSL certificate may not be issued.
Organization Validated certificates typically take much longer (sometimes several days) to issue and verify than domain validated certificates.
3. Extended Validation (EV) SSL certificates
Extended Validation certificates require all of the above verification methods, in addition to strict business document validation and also phone verification. Several forms need to be manually filled out and submitted to the SSL issuer, and the validation time can take over 1 week typically. These are one of the most expensive certificates, and typically very high profile websites use these certificates to increase customer confidence. For an example of what an EV SSL looks like, you can visit https://paypal.com to see the "green bar" in the browser, or see these example images:
How do I find my incoming or outgoing email server? (Views: 716)
How to setup sFTP in FileZilla (Views: 4626)
How to change your cPanel password (Views: 3401)
What private key size should I use? (Views: 1977)
Powered by WHMCompleteSolution