Follow

SSL Certificates

Differences between Certificates.

Single domain, multi-domain, wildcard certificates, there is a wide variety of different certificates. But what are the main differences between these certificates? What sets them apart?

We can categorize the many different certificates into three classes. These three classes symbolize the differences in validation procedures, and how this is reflected visually.

Let's review these three classes.

 

The DV Certificate.

For a domain validation certificate, there is only one step that need to be completed before the certificate is successfully released, domain validation.

Domain validation is done through either email validation, HTTP(S), or DNS validation.

With a domain validation certificate, there is a green lock on the left side of the address bar, but there is no company name shown next to the lock, and no company information shown on the certificate detail page.

 

The OV Certificate.

For an organization validation certificate, there are several steps that need to completed before the certificate is successfully released. These steps, in order, are: organization validation, telephonic validation and domain validation.

Organization validation is done by checking the given company name and registration number against the information in the Chamber of Commerce.

Telephonic validation is done by checking the given telephone number against public phone records, and then performing a validation call with the certificate requester.

Domain validation is done through either email validation, HTTP(S), or DNS validation.

With an organization validation certificate, there is a green lock on the left side of the address bar, there is no company name shown next to the lock, but the company information is visible on the certificate detail page.

 

The EV Certificate.

For an extended validation certificate, the steps that need to completed before the certificate is successfully released are similar to that of an OV certificate, with one exception. The requester needs to sign a formal agreement with the CA. The steps, in order, are, organization validation, EV documentation validation, telephonic validation and domain validation.

Organization validation is done by checking the given company name and registration number against the information in the Chamber of Commerce.

EV validation is done by signing the EV documents and returning them to the CA. This can be done digitally.

Telephonic validation is done by checking the given telephone number against public phone records, and then performing a validation call with the certificate requester.

Domain validation is done through either email validation, HTTP(S), or DNS validation.

With an extended validation certificate, there is a green lock on the left side of the address bar, the company name is shown next to the lock, and the company information is visible on the certificate detail page.

 

REMEMBER

The certificate will be on the name of the company for which the request has been done. So for example, if you request it for the organization SwitzerlandHolding (based in Switzerland) with the domains test.de, test.fr and test.ch, all 3 domains will show the organization SwitzerlandHolding in the certificate and the green bar with the locker.

In other words, each certificate request can only be requested for 1 company, regardless the count of domains. It is not possible to put multiple companies in 1 request.

If you want to have the name of a sub company in the certificate/green bar, you will need to request a separate (singel-domain) certificate for it.

 

 

SSL Certificates Videos.

Below you'll find videos explaining the visual differences between the three classes.

Click here for the English version of the video.

  Play.png

Click here for the Dutch version of the video.

 

 

 

Was this article helpful?
2 out of 2 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.