[intro]When you have read this Guide, you will understand more about the different SSL Certificates offered by EKM Domains and which is the most appropriate for your EKM online shop. [/intro]
[summary]
- What are the different types of SSL Certificates?
- Domain Validation
- Organisation Validation
- Extended Validation
[/summary]
What is an SSL Certificate?
Within your EKM Domains account, you are able to choose from a number of SSL Certificates which have been configured for use on the EKM platform. An SSL Certificate is a file installed on the server your site is hosted on that activates a padlock symbol within the address bar of a browser which changes the scheme from ‘http’ to ‘https’ - the ‘s’ representing ‘secure’, allowing secure connections between the server and the browser.
SSL Certificates are most often used on websites where online purchases are made (such as Paypal and Klarna, for example), data transfers (such as uploading or downloading files) and logins - used on social media and e-commerce sites.
A website without an SSL certificate would display like this:
When you click the ‘i’ symbol, it will reveal a message that advises the website may not be secure:
On the other hand, a website that has had an SSL Certificate applied looks like this:
This is a Domain Validated SSL Certificate viewed on the Google Chrome browser.
The use of SSL Certificates has risen steadily over the past few years after Google announced in 2016 that it would be highlighting websites without SSL Certificates within the address bar of Google Chrome to help warn users against using insecure or suspicious websites.
What Are The Different Types of SSL Certificates?
There are different kinds of SSL Certificates, and these are divided by how they are validated as some Certificates require more verification to apply than others. These different kinds are:
- Domain Validated (DV SSL)
- Organisation Validated ( OV SSL)
- Extended Validation (EV SSL)
The levels of encryption are the same for each different kind of SSL Certificate, but what is different is the verification process and how the certificate is displayed in the address bar of the browser.
Domain Validation
Domain Validated SSL Certificates are the easiest kind to obtain; they require a single step to verify as all you need to do is prove that you own the domain name that you want to apply to SSL Certificate onto by responding to a specific email address set up on that domain:
- admin@yourdomainname.com
- administrator@yourdomainname.com
- Postmaster@yourdomainname.com
- hostmaster@yourdomainname.com
- webmaster@yourdomainname.com
Examples of SSL Certificates from EKM Domains which use Domain Validation are Rapid SSL and Thawte: SSL 123. A Rapid SSL Certificate is available free for EKM customers. You can read about claiming your free SSL Certificate by clicking here.
Organisation Validation
Originally Organisation Validated SSL Certificates were the first kind of SSL Certificates available, and as well as having to respond to an email sent to a specific address on your domain, you have to prove that the company behind your website actually exists.
To verify your OV SSL Certificate, you need to verify the following:
- Organisation Authentication - this is where the CA (Certificate Authority) will check that your company is a legitimate legal entity, by using government websites such as this one.
- Locality Presence - this requires your company to pass the CA checks which verify that your organisation has a legitimate physical presence within the country it is registered within. Again the CA will look for your details on government website such as this one.
- Telephone Verification - For this, your company will need to have a legitimate telephone number listed for it, and this must have been listed by an acceptable online telephone directory, such as this one.
- Domain Verification - The CA will also need to check that your company owns the domain name on your website. To do this, they will look at the details listed on the WHOIS database.
- Final Verification Call - The CA will contact you (or the specified applicant named on the SSL Certificate) using the phone number listed for your company. You’ll be asked some very simple questions and after that, you will then be issued with your OV SSL Certificate.
Examples of SSL Certificates from EKM Domains which use Organisation Validation are Thawte: SSL Webserver and Symantec: Secure Site.
Extended Validation
Extended Validated SSL Certificates are the most expensive and require more verification steps than the previous versions, but don’t let this put you off as research has demonstrated that EV SSL Certificates do lead to an increase in sales as it is the most visually obvious when displayed in the browser address bars. Like Organisation Validation, Extended Validation SSL Certificates have a specific amount of steps which need to be completed in order to be verified:
- Enrollment Form - The first step is to complete the Enrollment Form and send it to the Certificate Authority. This is to verify that you, or the named applicant, are legally allowed to act on behalf of the company when applying for the SSL Certificate.
- Organisation Authentication - this is where the CA (Certificate Authority) will check that your company is a legitimate legal entity, by using government websites such as this one.
- Operational Existence - You must then be able to prove to the CA and have them confirm that your company has been operational for three or more years. If you have not made it to the three-year milestone yet, it is still possible to obtain an EV SSL - the CA will be able to advise you further.
- Physical Address - For this step, you need to prove that your company has an established physical address in the country it is registered in. The CA will be able to advise which legal documents you can submit to prove this.
- Telephone Verification - For this, your company will need to have a legitimate telephone number listed for it, and this must have been listed by an acceptable online telephone directory, such as this one.
- Domain Verification - The CA will also need to check that your company owns the domain name on your website. To do this, they will look at the details listed on the WHOIS database.
- Final Verification Call - The CA will contact you (or the specified applicate named on the SSL Certificate) using the phone number listed for your company.
- Five Verification Questions - during the above telephone call, you will be asked to confirm: If the website administrator has the relevant authority to obtain the SSL Certificate, and if so, whether they can delegate SSL responsibilities. You’ll also be asked to confirm the company’s ownership of the domain name, whether you approve the issue of the SSL Certificate and finally your confirmation of the Subscriber Agreement.
- Professional Opinion Letter - this part of the process essentially helps speed up the process of application as it involves having a legal professional submit a letter of support which further validates your company. The CA will be able to advise you of any guidelines required to complete this step.
Examples of SSL Certificates from EKM Domains which use Extended Validation are Thawte: SSL Webserver Ev and Symantec: Secure Site EV.
[more]
- Adding an SSL Certificate to your EKM online shop
- Submitting your EKM online shop to Google
- Claiming your free EKM domain name
- GDPR
[/more]
[contact] If you need our help with your EKM online shop, contact your Ecommerce Expert or the Customer Support Team, who will be able to point you in the right direction. We're open from 8am-6pm weekdays and 9am-5.30pm weekends. If you'd like to suggest a feature or an upgrade on any of the EKM platforms, please let us know on the EKM Suggestions Board. If you have a non-account-specific question to ask the EKM Team, join us in the EKM Community. [/contact]