SSL validation methods

The value of a SSL certificate is not only the secure transfer of details between the end user and the web server. A significant benefit lies in the validation procedures used to check if the requester of the certificate is legitimate. The difference in price and delivery time for SSL certificates is influenced by the validation method. There are three ways in which an SSL certificate can be validated.

Extended Validation (EV)

SSL certificates with Extended Validation (EV) are becoming increasingly popular. A close cooperation between suppliers of SSL certificates and manufacturers of web browsers, united in the CA/Browserforum (www.cabforum.org) have ensured that websites using EV certificates are given a special visual emphasis, usually with a green highlight and the business name in the address bar. You can see an example of this on the Openprovider website.

Extended validation in Chrome  Extended validation in Firefox

The first part of the validation process is the same as that used in Organization Validation. After the business details are confirmed, the supplier makes contact with the requester by telephone. To be certain that all data is valid, the telephone number is sourced from an independent source (for example the telephone directory). Initially contact is made with the Human Resources department to check that the individual requesting the certificate is indeed employed by the business/organization. After this check is made, the details of the requested certificate are checked with the requester. Delivery time for EV certificates can be longer when compared to other SSL certificates because of these additional checks. In most cases the certificate is issued within 1 - 2 weeks.

Like the above validation methods, the end user will see https and a padlock in their web browser. The main visual difference is the green highlight and the name of the requester in the address bar. The end user can find the complete business details in the certificate should they wish to verify the legitimacy of the website.

extended validation

Research has shown that this method of validation can cause a significant increases in turnover for commercial websites. In most cases, ecommerce sites with an EV certificate experience an increase in conversion rate thanks to the increased trust that is associated with EV certificates. The costs of a EV certificate therefore, can be quickly returned in the form of increased revenue.

Extended Validation certificates are available at Openprovider from all brands except for RapidSSL.

Organization Validation (OV)

With Organization Validation, the business/organization that requests the SSL certificate is checked. Various sources of information are compared with each other as part of the validation process. Do the details of the requester match the details in the Whois? And do these details match with the local business registry. When these details match, then the certificate is issued.

Organizational validation in Chrome  Organizational validation in Firefox

A SSL certificate using this validation method acknowledges that the business/organization that requested the certificate has been verified. This type of certificate is suitable for websites where the end user needs to know who they are doing business with.

The end user will see https in the address bar of their browser, a padlock and a blue highlight in some browsers (e.g. Firefox). The business’s details are incorporated in the certificate and are visible in the address bar of the web browser.

organizational validation

Openprovider supplies Organization Validation SSL certificates from Symantec, GeoTrust, thawte and Comodo. This type of certificate is usually issued within 1 - 2 days.

Domain validation (DV)

SSL certificates that are validated on a domain level are the most affordable and have the quickest delivery time. An email is sent to the an email address that is directly related to the domain name. This is to check if the requester of the SSL certificate is someone who has control over the domain. This method of validation does not guarantee the legitimacy of the domain owner.

Domain validation in Chrome  Domain validation in Firefox

With a relatively low price and quick delivery (in most cases within minutes), this type of certificate is often used for intranets or smaller websites where the validation of the business/organisation behind the domain is not so important.

The end user can many of the visual cues that suggest a SSL certificate is being used in their browser - https in the address bar, the padlock and in some browsers (Firefox) a blue highlight. The business name from the requester is not actually incorporated in the certificate and is therefore not shown in the address bar of the web browser.

Openprovider offers Domain Validated SSL certificates from Comodo (EssentialSSL and Essential SSL Wildcard), RapidSSL and RapidSSL wildcard, GeoTrust (Quick SSL Premium) and thawte (SSL 123).

Self Signed certificates

In stark contrast to the above validation methods, is the so called Self Signed certificate. Most web servers support a secured SSL connection without the need for a certificate, however the end user will receive a clear warning in their web browser asking whether or not they wish to proceed. With more and more awareness for online safety, partially thanks to the increase in Internet fraud, the Self Signed certificate is becoming a less attractive option. Various web browsers give a clear visual warning, even when the certificate is added to the “exceptions list”. You may have seen the red strike through the https in Chrome, or the lack of a blue highlight in Firefox.

The cost of purchasing a SSL certificates is becoming more affordable (Openprovider offers SSL certificates starting from $13), so there is no reason to continue using a self signed certificate!

* The starting price is the price per year from Openprovider's highest price tier (Gold partner). View the tiered pricing structure for SSL certificates on our prices page.

Domain registration

Realtime registration and management

Domain registration
  • Completely automated system
  • Offering TLDs worldwide
  • Low prices
Domain registration
Domain Management

Professional and strategic

Domain Management
  • Automation via XML or e-mail
  • Customized services available
  • High volume discounts
Domain Management
Licenses

All hosting services at one provider

Licenses
  • Market leader in hosting automation
  • Realtime delivery
  • Extensive options, low pricing
Licenses

To get the best possible experience using our website we recommend that you upgrade to a newer version or other web browser like Google Chrome, Safari of Firefox.