Tutorial Guide On Domain Validation Ssl Certificates

Zirkon Kalti

Content Writer
Making your website safe should be on top of your priority, especially if your site is an online store. Installing a SSL certificate on your store gives customers a sense of security when they are shopping at your site. The presence of the SSL certificate shows that you are a legitimate and trustworthy vendor and that your customers' transactions will be protected from the third parties. The purpose of the SSL certificate is to encrypt the customers data that are transmitted over the web. The type of SSL certificate you choose depend on your reason for requiring the website security for example business.

Levels of SSL Certification Validation

1. EV SSL Certificate

ev-browser-sample-large.png


There are 3 different types of SSL certificates including extended validation (EV), Organization Validation (OV), and Domain Validation. EV is the highest level of SSL certificate that features 2048-bit encryption. It is the type of certificate used by banks as it has a rigorous verification process. Sites that use EV SSL certificate will show a green address bar on the secure page. In the green address bar, you will be able to observe the company name of the website owner, https:// as well as a padlock. If you take a look at the EV certificate, you will find information on the organization. EV SSL certificates is suitable for e-commerce sites and sites that collect the personal information of users. Basically, it can be installed on any site where the trust of the users is very important. It generally takes three to five days to issue the certificate.

2. OV SSL Certificates
Organization Validation (OV), also known as high assurance certificates verifies that the right of the site to use the domain name for conducting business. In OV validation, the business or organization information is vetted. Sites that use OV SSL certificates will display https:// and padlock in the beginning of the address bar. You will be able to view the organization information when you click on the https:// OV certificates offers 128, 256 and 2048 bit encryptions. OV certificate are issued faster than EV certificate and you get expect to receive it in 24 hours. OV is suitable for e-commerce sites as well as sites that collect users' information.

3. DV SSL Certificates

dvcertificates.png

Domain Validation (DV) offers the lowest level of validation. The certificate only display the domain URL. You won't find information on the business or organization in the DV certificate. DV certificates are cheap and very affordable because of the lack of validation on who the domain owner is and whether the domain is operated by a real business. DV certificate is not suitable to be used by e-commerce sites that are handling sensitive customer information. DV certificates have higher risks compared to OV and EV so not all CA issue them. DV certificate will display the https:// and padlock in the address bar just like the OV certificate. DV certificate is issued almost immediately and is suitable for sites used in experiments as well as sites that are not ecommerce.

Types of SSL Certificates
Every CA will give different names to the SSL certificates they issue. You will find that the names only slight vary between different providers. You can easily determine what type of certificate it is by the name once you understand the types and level of validations in SSL certificates. There are few types of SSL certificates including single name, wildcard, SAN, and SGC. Single Name SSL certificates offers encryption and validation for a single domain. The features for single name SSL certificates vary depending on which CA company you choose.

1. Wildcard/Multi Domain Certificates

Wildcard_certificate.jpg

Wildcard certificates provides encryption for the domain as well as all the first level subdomains. Wildcard certificate is more expensive than single name certificate but it is worthy it if your site has a lot of subdomains. Buying single certificates for each of the subdomain will be more expensive compared to just buying the Wildcard certificate. The downside of Wildcard certificate is that it only assin you with a single private key. If a hacker enter into your server and steal your private key, the security of your entire network can be compromised. To fix this problem, you can mark the certificates installed on your entire network as non exportable. Besides, you should also limit the server access only to people whom you can trust. There is no limit on the number of duplicates you can issue when you purchase a Wildcard certificate. Every duplicate has a unique key pair. In the event that one of the duplicate is being hacked, you can replace it with another duplicate. Both DV and OV wildcard certificates are available. There are currently no EV wildcard certificate.

2. SAN/UC Certificates
SAN certificates, also called UC certificates, is used to provide encryption on multiple domains, and subdomains with a single certificate. SAN certificate is great for those who want to secure a large number of domains on their server. It is suitable for websites based in Microsoft Exchange environment. Just like wildcard certificates, you must heighten the security measures on your server when you use SAN certificates. With A SAN certificate, you can add 2 – 100 domains until the lifespan of the certificate.

3. SGC Certificates
SGC (Server Gated Cryptography) certificates can provide 128 bit encryption on old browsers t hat support only 40 bit. Only people who are using browsers created in 2000 will need them. SGC can be very costly. There are very few people that need them so it is no recommended.
 
Top