Loading...Have you recently purchased an SSL/TLS certificate? Or, perhaps, you’re just researching the different kinds of certificates available today. Whatever the case, if you’re looking for information on the SSL certificate validation process, you’ve come to the right place!
Now, you probably already know that these certificates cater to two basic requirements — data security and trust. An SSL/TLS certificate encrypts the communication channel between the client browser and the server to ensure that any intruder eavesdropping on the network can’t read the information. All SSL certificates, regardless of the validation process they require, offer the same encryption strength.
So, what do we mean by validation levels? When we talk about certificate validation levels, we’re fundamentally referring to the varying levels of trust these certificates establish with the end-users through the use of a reputable third party. Essentially, a certificate authority, which issues the certificate, investigates you and/or your organization to validate your legitimacy. Then they vouch for you by issuing the certificate.
In all, there are three levels of validation:
- Domain Validation (DV)
- Organization Validation (OV)
- Extended Validation (EV)
Let’s take a look at each of these validation levels individually and understand what their processes entail.
SSL Certificate Validation Process: Domain Validation SSL
A DV SSL certificate is the most basic one that requires the least stringent verification process. The certificate authority (CA) only verifies whether the applicant owns the domain for which they request the certificate. Since DV certificates employ the most relaxed investigation process, this means that they also offer minimal authentication. On the upside, they allow personal websites, blogs, etc. to be accessible over HTTPS.
The increased accessibility and lack of authentication offered by DV certificates make it easier for everyone, including cybercriminals, to put a padlock on their website. Just because you see a nice padlock and HTTPS site, it doesn’t necessarily mean you’re on a safe website. It merely indicates that the connection between the client browser and the server is encrypted. If the server or the website you’re connecting to happens to be a phishing site, tough luck! Higher validation levels have a much more thorough vetting process and therefore inspire more trust in end users.
Get Massive Discount on RapidSSL DV SSL Certificates. Save 82%!
Get a DV SSL certificate for as low rate as $12.42/year!
SSL Certificate Validation Process: Organization Validation SSL
In case of an OV certificate, you will need to prove that your organization is a legitimate legal entity. The vetting process is a lot more rigorous than a DV cert and typically takes one to three business days to issue a certificate. For this reason, OV certificates also offer better levels of authentication.
To get an OV certificate, you will have to satisfy the requirements for:
- Organization Authentication
- Locality Presence
- Telephone Verification
- Domain Control Validation
- Final Verification Call
Any person visiting your website can see the organization details on your certificate so long as they know where to look for the information.
Get Thawte OV SSL Certificate for Only $77.61/Year!
Buy today and save 61% on your OV SSL certificate!
SSL Certificate Validation Process: Extended Validation SSL
EV certificates have the most rigorous SSL validation process and, consequently, offer the highest levels of authentication. They sometimes come packaged with other security solutions like vulnerability assessments and malware scans depending on the provider.
To get an EV certificate, you will have to satisfy the requirements for:
- Organization Authentication
- Enrollment Form
- Operational Existence
- Physical Address
- Telephone Verification
- Domain Control Validation
- Final Verification Call
The EV certificate indicator will be moved from the address bar to the Page Info (in Mozilla Firefox) for all web pages irrespective of the issuing CA. Though Google Chrome and Firefox will no longer support the green address bar, this change will only impact the visual indicators and not the technical ones.
Save 54% on GeoTrust True BusinessID with EV
A deal that you can’t miss! Get the GeoTrust EV SSL certificate only for $ 137.54/year.
How Do I Get an SSL/TLS Certificate?
You can get yourself an SSL/TLS certificate in five easy steps:
- Pick the SSL certificate that you wish to purchase based upon your requirements. Make your decision depending on the validation level you need and the number of domains or subdomains you want to secure.
- Generate a CSR for the certificate you selected in step one and complete your order.
- After completing your order, you will receive an order confirmation email from your CA. The email will contain a link where you need to submit the CSR you created in step two.
- Depending upon the validation level you selected, the CA will verify your details. For a DV certificate, it only takes a few minutes. For the other two, it usually takes longer, but the process can be expedited on request.
- Once the vetting process is over, you will receive your certificates via email. Once installed on your server, you should be able to access your website over HTTPS.