Protecting users’ personal information is an inescapable responsibility of every online platform. This is when SSL protocols come in handy. And before getting down to the variations of SSL certification, we better devote a little bit of our attention to the SSL itself.
What SSL actually is
Referring to Secure Socket Layer, SSL represents the guardian of users’ financial data. Authentication and encryption are the key frameworks for SSL feasibility.
SSL operating principle is:
- asymmetric cryptography is implemented for authenticating exchange keys; symmetric encrypting serves to guarantee data discretion;
- authentication coding of messages helps in ensuring message safety and security.
It isn’t that difficult as it might seem at first glance. Well, let’s imagine that you are shopping online. At some point, you enter the required details on the credit card. When you’re with a website using SSL protocols, your browser presents a message as some chaotic symbols. Such coded text is sent to a server, where a specially installed program decrypts the message to its original version.
A key makes encryption and decryption possible. The most primitive solution is a replacement of every letter with a following or a previous one.
You do realize how precarious such approach is. That was just a simple example to pass on the point. We can assure you that SSL applies much more sophisticated instruments, thus, any fraudsters will puzzle over a long time trying to work out the right key.
How does SSL work? So, you know the answer, thus, we’re good to move on.
Classification of SSL certification
SSL certification shall be classified by validation approaches and by the number of domains involved. As you’d assume, SSL functionalities shall range respectively.
By validation approaches
- Domain Validation (DV) SSL
Mentioned type better fits uncommercial online platforms. Given certification won’t give you any data on a company. In this case, the company name box simply shows “Unknown” or something similar.
It’s pretty easy to receive such SSL – being an owner you’re simply to confirm your rights on domain name usage by clicking the link you receive through email. Several minutes – and you got it!
DV SSL isn’t too expensive. At the beginning of 2019, ssl.com.us set a price of $12-14 every year.
- Organization Validation (OV) SSL
Since OV certification shall additionally affirm the registration details on an organization which owns the website, it turns out to be more credible and secure.
Such certification was designed mainly for legal corporations. On the road to receive your OV SSL, there’s a verification stage on the domain name usage rights. And also get prepared to reply Certification Authority control call. Be sure all your documentation is in English and witnessed by a notary person.
The whole procedure shall last 4-10 days.
The yearly price is $65 and up.
- Extended Validation (EX) SSL
SSL in question is claimed to be the most trustworthy.
Being on the market since 2007, its main target customer refers to online funds transaction platforms. Reliable privacy and security level is guaranteed by means of encryption techniques.
Multiple checks await web resource owners during OV SSL certifying process. Among other things make sure you’re officially registered as Legal Entities in the Unified State Register. EV certification is perfect when you’d like to connect a certain domain with a specific corporation, like, tying up the Bank of America corporation with bankofamarica.com domain.
Moreover, such SSL ensures reliable protection from so-called “phishing websites” threads. The Mountain America Credit Union has learned it the hard way.
We hope, you’re convinced by now of EV SSL reliability and safety.
It might take up to 15 calendar days to finalize the procedure to be certified as per EV SSL.
Its cost starts with a $130 charge yearly. In some cases, it reaches $1300.
By quantity of domains involved
- Wildcard SSL
Mentioned certification takes care of a specific domain together with every subdomain belonging to it. For instance, dealing with “home.ua” domain, Wildcard SSL will also cover mail.home.ua, 1ev.home.ua, r.info.dnipro.home.ua, etc.
Moneywise, such SSL certification is around 4 times more costly compared with DV SSL.
- Multi-Domain SSL
MD SSL helps with a number of distinct domains. For example, it’s good to include home.ua, shop.com, office.it domains without covering their subdomains.
SSL certifying procedure
While buying SSL certification, your task is to reach out to Certification Authority or simply CA. You’re free to make it done manually filling out an online request form, or applying diverse scripts to start communication automatically.
In layman’s terms, CA represents a managerial statutory body certifying owners of domains in accordance with SSL regulations. CA is also the one undertaking SSL audits.
Most common CA:
- Symantec Let’s Encrypt Verizon Comodo and others
Looking for free SSL certification? Let’s Encrypt is a market leader in here.
Phases of SSL certification
We are to specify a step-by-step procedure on the way to obtain SSL certification.
#1. Filing a request
A website owner shall visit a domain registrar platform or a terminal console to fill in an application form. It’ll require an online resource holder to specify the name of a certain domain and a name of the business. Contact details are asked as well.
The data shall be processed and a Certificate Signing Request is to be issued. Such CSR document will include all info entered by the owner.
#2. Reaffirming the info
CA shall find a CSR document, and the task of such body is to verify the authenticity of specified data. CA is to ensure the DNS structure has an A record of a certain domain from the application form.
CA shall also double-check to make sure that it’s an owner who has filed a request. For such purpose, the owner shall be required to adjust a particular content document adding a certain text record in it. It’s only one of the potential verification options.
#3. Receiving the certification
After all verifications and checkings, a certain SSL certification is to be built. CA shall send the owner certification documents, and we are talking about several files.
Typically, there would be such files, as:
- a .crt document – the signed and notarized certificate; a .key document – the certificate private key; chain.crt documents – they aren’t on a must-have list, so you might not receive them. It’s not quite practical, as such intermediate certificates and its chains could be seen in unsecured open resources.
We do hope that now the subject is all clear, thus, you know exactly what to do to get an SSL certification you need. We wish you and your business to prosper!
