About SSL Certificates

Best of Authentication in Reader's Choice Awards

How to choose the certificate?

NOT ALL CERTIFICATES ARE THE SAME. Certificates vary in the level of safety and protection for users' confidence in the brand (and, consequently, confidence in the safety certificates), as well as additional properties or services offered by each certificate.

DOMAIN / Organizational / Extended Validation

Depending on the needs of your site or. applications is essential to choose the certificate that belongs to the group of primary law. Certificates are divided into three basic groups: Domain Validation (checking domain - suitable for testing and development) Organizational Validation (checking company or organization - suitable for most sites) and Extended Validation (extended checking - suitable for most security-sensitive sites and applications). Read more about groups in the next part.
CERTIFICATE BRAND RECOGNITION

When choosing a certification it is also quite important general brand awareness certificate issuers. Market analyzes have shown that web users have more confidence to perform online purchases on those sites that are in the process of payment to show that the site certificate protects more recognized brands. The issuer of your certificate guarantees the users that it has verified your domain and your company. The more the user trusts the issuer of the certificate, the more you will trust the security of your site.

Symantec (former Verisign) is the most recognized issuer, so it is suitable for sites that want to provide users with the highest level of confidence.

Thawte and GeoTrust are well recognized in the issuer and therefore suitable for most sites.

RapidSSL certificates issued only by the low level of checks, which normally are suitable only for testing websites and not for public production use.
ADDITIONAL CERTIFICATES FEATURES

Additional arguments when choosing a certificate hide in additional properties certifications such as. amount of insurance premiums and the provision of additional services, such as Website Malware Scan and Vulnerability Assessment (read more below).

What is the difference between DOMAIN / ORGANIZATIONAL / EXTENDED VALIDATION certificates?

IN DEGREE OF TRUST. The difference of main certificate types are how much trust your site will enjoy by its users. The level of confidence depends on how detailed the issuer of the certificate to verify that you own the website domain and your company is or. organization authentic and trustworthy. Before the issuer of the certificate issued by your certificate will check your domain name and / or company, according to the group certificate.

DOMAIN VALIDATION (checking of domain)

Who use this group of certificates:
Domain Validation Certificates are suitable only for test purposes and for the web site developer.

What is checked:
Certificate issuer verifies, if you control the domain for which the certificate order. This is usually done by sending a test message with a special Web link to the e-mail postmaster@domena.si. If you receive this message and click on the web link, you can prove that you own the domain.

Features:
The certificate may be issued within a few minutes or. hours. The main drawback of Domain Validation certificates is that users do not provide the best level of trust because a certificate guarantees only the identity of the domain does not guarantee, however, any company or. Organization is the owner of this domain. Therefore, these certificates are generally not suitable for public use.
ORGANIZATIONAL VALIDATION (checking of company or organization)

Who use this group of certificates:
Organizational Validation certificates are suitable for most normal websites that want their users to guarantee a basic level of security and confidence in your site.

What is checked:
Certificate issuer first checks if you control the domain for which the certificate order. Then check the identity of your company or. organization, if you really own the domain and if the person who orders the certificate really authorized by the company or. Organizations that can Instructs certificates on behalf of the company.

Features:
The certificate is usually issued within 1-3 days. As the issuer of the certificate details to verify your company or. organization, users of your site trust that your business is identical, and the legitimate owner of the domain.
EXTENDED VALIDATION (extended checking of company or organization)

Who use this group of certificates:
Extended Validation certificates are suitable for those websites that wish to provide the highest level of confidence. Suitable for banks, major online store and all sites that store sensitive personal or other information.

What is checked:
Crtificate issuer verifies ownership of the domain and the identity of the company, similar to Organizational Validation. However, the identity of the company verified in more detail, in accordance with international standards for identity verification companies. Eg. company locates in the national register of companies, check the publicly available contact numbers, etc. Company.

Features:
The certificate is normally issued within 7-10 days. The main advantage of Extended Validation certificates that web browsers display emphasized green address bar when a user visits your site. This designation guarantees users the highest level of confidence in your site. More on the Green line, see below.

How Extended Validation
appears in web browsers:

Green Address Bar

Extended Validation and the green address bar (Green Address Bar)

GET THE GREATEST USER TRUST. The Extended Validation option is a simple and reliable way that web visitors can verify the identity and security of your site. Only SSL certificates with Extended Validation option to ensure that web browsers display emphasized the name of your organization in a green-colored address bar, which users make sure that your web site truly safe and trustworthy.

Protects against phishing methods (phishing): this is a way to abuse, which is currently in the very increase (every month found 35,000 new websites abusing phishing method).
Provides the highest level of confidence that a better impact on your business.
Trusted see the green address bar in your browser to research ensures that 97% of web users tend to trust purchases on those sites that show the green bar.
A rigorous and accurate verification of the authenticity of the organization who wants to use an SSL Certificate with Extended Validation option (according to standards).
the maximum guaranteed premium NetSure® Extended Warranty.

Website Malware Scan (daily scanning your site for malicious code)

HELPS PROTECTING YOUR WEB SITE. Automatic daily scan for malicious code across all public websites under your domain, which has installed the appropriate SSL certificate.

The daily scanning of code on your web pages helps to protect your site against hackers and attackers, and against hard to found malicious code (malware).
Check all publicly accessible website under your domain, which is installed SSL certificate. - In addition to the HTML code review as JavaScript and iframe.
Reduces the risk to your site because of containing malicious code found themselves blacklisted the Google search engine.
Prevents the spread of viruses.
Protects sensitive information such as card numbers and personal information.
In case of detection of infection on your website you receive an email notification with instructions to correct the problem.
Available only for certain certificates (SSL see comparative table)

Vulnerability Assessment (analysis of your site vulnerability)

DISCOVER YOUR SITE WEAKNESSES BEFORE THEY ARE FOUND BY ATTACKERS. Automatic weekly scan for vulnerabilities of all publicly accessible web sites, web applications and web server software, which is publicly accessible via the network port. Scanning is enabled on the web server to a domain that has installed the appropriate SSL certificate.

Quickly find the critical weaknesses that attackers often abused, and displays the proposed measures.
Finds thousands of potential vulnerabilities of critical and less critical errors.
You will receive a report with a list of proposed measures contains both a list of critical vulnerabilities, which can be prevented priority, as well as list of less risk of errors.
The possibility of re-scanning the site you can check if you eliminate the vulnerability.
According to statistics Vulnerability Assessment detects critical vulnerabilities in 50% of all websites.
Available only for specific SSL certificates (see comparative table)

Wildcard Certificate

PROTECT MULTIPLE SUBDOMAINS WITH A SINGLE SSL CERTIFICATE

The wildcard certificate issued for the domain domain.com can secure all subdomains *.domain.com (eg. www.domain.com, intra.domain.com, mail.domain.com...).
The advantage of wildcard certificates are lower costs, since a single certificate to install multiple subdomains.
You can immediately secure all future new sub-domain, without having to buy new certificates.
The certificate verifies your business identity and ownership of your domain.

SAN domain

PROTECT MORE DIFFERENT DOMAINS WITH A SINGLE SSL CERTIFICATE. Most conventional SSL certificates makes it possible to define a certificate for multiple domains, for example www.domain1.com, intra.domain2.com, mail.domain3.net.

Instead of buying several individual certificates for different domain can be in one certificate that supports SAN, in particular Subject Alternative Name field, enter additional domain names that will protect the certificate.
This can be exploited in all SSL certificates that support SAN (Subject Alternative Names). Most conventional SSL certificates supports SAN. Usually we have to buy basic SSL certificate for a domain with Purchase an additional license for the SAN additional domains.
SAN is often associated with the term Unified Communications (UC) certificates. Mostly SAN using Microsoft Exchange Server and Microsoft Communications Server.