Types of SSL certificates

Started by Henri O`neill, Dec 01, 2022, 11:55 PM

Previous topic - Next topic

Henri O`neillTopic starter

Hello everyone! Let's talk about SSL certificates. Typically, people ask where to purchase or rent hosting that comes with an SSL certificate. However, many forget or are unaware that there are different types of certificates that offer different levels of security and reputation.

For example, a DV SSL certificate is a basic certificate that can be seen on 70% of websites. Clicking on the information icon next to the site name indicates that the site is protected, and you can store your data safely.

An OV SSL certificate is similar to the DV certificate but also displays information about the issuer, similar to a whois domain registrar search.

The highest level of certification is the EV SSL certificate, which displays who the certificate is issued to and provides more detailed information. Sites with this type of certificate generally have a better track record of trust among clients.

There are also certificates for subdomains (WSSL) that are purchased in addition to the main certificate.

Multidomain certificates protect subdomains in different sites. While not entirely reliable, having an OV or EV SSL certificate may help increase trust, especially for businesses.

If you have anything to add to this discussion, please feel free to share your thoughts!
  •  

Jack Call

In my opinion, it's not necessary to delve deep into the complexities of SSL certificates. A basic and simple SSL certificate is sufficient. Unfortunately, statistics show that around 65% of sites in a particular sector do not have an SSL certificate. However, many of these sites are unsupported and without advertising, making it unprofitable for them to invest in hosting and a certificate. For example, the forum dnray.com is an instance where no SSL certificate is needed. Ultimately, an SSL certificate acts as a signpost to indicate whether it is safe to store sensitive data on a site.
  •  

vallam

Unless you dive deeply into the technical details of encryption algorithms such as ECC, RSA, or DSA, it's difficult to discern any significant differences between them. All of these encryption algorithms align with contemporary Internet security protocols. The key factor to consider is how to generate a public/private key pair needed to sign your certificate.

Numerous providers offer online CSR query generators that require you to create a public/private key pair. However, it's crucial not to disclose the latter to third parties. Nevertheless, if you want to use an online CSR generator, it's imperative to select credible services and verify the authenticity of their websites.

SSL vendors often provide financial guarantee parameters for their certificates. This implies that the certification body ensures that its certificate cannot be installed illegally on a website with monetary incentives. In the unlikely event of SSL fraud that results in financial loss to a user, the certification authority commits to reimbursing the victim according to the guarantee's terms. While such incidents are rare, the presence of financial guarantees adds weight to the credibility of the certification body.
  •