SSL Certificates FAQ
What are the Validation methods performed?
There are three methods of validation performed:
- Domain-validated certificates: Only the verified owner of the domain name can purchase an SSL certificate for the domain. Validation is done via email sent to the domain owner. Domain validated SSL certificates can be issued very quickly - often in minute safter the owner confirms the request.
- Organization-validated certificates: When corporate identity validation is important, an SSL Certificate for the organization assures customers that the website is trustworthy and secure. Only verified representatives of the organization may purchase these certificates and business licences or other proof is required. The Certificate Authority will verify through phone call to ensure that the certificate request is legitimate. These take a few days to a week to be issued.
- Extended Validation (EV) certificates: With Extended Validation, as well as displaying the certificate seal, the address bar is displayed in green, providing customers with an extra level of confidence. The green address bar is a strong visual indication that the site has an Extended Validation Certificate. The Security Status bar displays the organization name and the name of the Certificate Authority (CA).
In order to be approved for an Extended Validation certificate, the certificate authority will actively check the Organization and the individual applying for the certificate. This is to verify that the Organization is positively the Organization they claim to be, and the individual requesting the certificate is someone who is authorized to request a digital certificate. Extended Validation may take as long as one week to complete.
What does the green address bar indicate?
Web sites using an Extended Validation certificate will cause web browsers to change the address bar to a green colour and also display the name of the Organization the certificate was issued to. Certificate Authorities will only grant Extended Validation certificates to organizations after the Certificate Authority verifies that the genuine organization is requesting the certificate.
The green address bar gives assurance to visitors of the web site that they are definitely visiting a web site run by the organization they should be dealing with, rather than a fraudulent site posing as that organization.
What are Dynamic vs. Static Site Seals?
A Dynamic Seal is dynamic image displayed on a website that shows the current time and date of when the web page was loaded which indicates that the seal is valid for the domain it is installed on and is current and not expired. When the image is clicked, it will display information from the Certificate Authority about the website's profile which validates the web site's legitimacy. This will give visitors of the website increased confidence in the site's security.
A Static Seal is simply an static graphic image that can be placed on the website to indicate where the digital certificate was obtained from, however there is no click-through validation of the website and the image does not show the current time and date.
How many domain names does a certificate secure?
Certificates will only secure one domain name, and depending on the type of cert you obtain, it will be valid for only one hostname beneath that domain name. (ie: only www.example.com and not subdomain.example.com)
Wildcard certificates are valid for an unlimited amount of hostnames beneath a single domain name. With Wildcard certificates, the computers using mail.example.com, smtp.example.com, www.example.com as well as any other host based on example.com domain will all be able to use the same certificate.
What is a Wildcard certificate?
A wildcard SSL Certificate helps enable SSL encryption on multiple sub-domains using a single certificate as long as the domains are controlled by the same organization and share the same second-level domain name. For example, a Wildcard certificate issued to Company ABC using the Common Name ("*.CompanyABC.com") may be used to secure subdomains like login.companyabc.com, payment.companyabc.com and support.companyabc.com.
New VeriSign SSL Trust features
At NO additional cost, all Verisign SSL certificates include:
Seal-in-Search™ technology gives customers confidence to click-through to your site
| |
Web site malware scanning gives customers confidence to be on your site and sign in
|
|
New Verisign Trust Seal converts visitors into customers
|