In-depth analysis of SSL digital certificates to escort corporate websites

2021.06.04
An SSL certificate is a type of digital certificate. It complies with the SSL protocol and is issued by a trusted digital certificate authority, CA, after verifying the identity of the server. It has the functions of server identity verification and data transmission encryption.

Certificate function:

Information encryption: to ensure the user's privacy and confidential information security when logging in to the website for online shopping or conducting various transactions. Trusted websites will help you establish a secure encrypted channel for information transmission.
Identity recognition: Confirm the authenticity of the website. There are many fake and phishing websites on the Internet. How do users judge the authenticity of the website and how to trust the website they are visiting? A trusted website will help users confirm the identity of the website.





Why do you need an SSL certificate
Security-The transmission of information is encrypted to prevent information from being monitored. Basic requirements for credit card transaction websites.

The National Security Law requires website owners to ensure the security of registered users’ information. SSL certificate should be the most basic requirement

Apple APP, all APPs are required to use SSL, but there is no formal implementation

Google, Baidu and other search engines give priority to showing websites with https

Software installation, if there is no software with a code signing certificate, during installation, Windows and other operating systems will prompt insecure or unable to install

With the prevalence of e-commerce, the CA Center, the issuing authority of digital signatures, will provide reliable security for the development of e-commerce.

If your website uses an SSL certificate and displays a signature, your customers know that their transactions are safe and reliable, and they fully trust your website.

Which SSL certificate to choose for corporate website
Domain Verification Certificate (DV)
It is ensured that the transmission of confidential information of the website from the user's browser to the server is high-strength encrypted transmission, and will not be illegally stolen and illegally tampered with. You only need to prove that the domain name you want to protect is owned by you, and you can pass the certification authority (CA) audit. The issuance speed of domain name verification is fast, but because almost everyone can get the issuance of the DV certificate, the trust level is low.

Organizational Validation Certificate (OV)
It is a more advanced and better SSL certificate that needs to verify the true identity of all organizations on the website. It is different from the domain name verification (DV) certificate in that it requires some additional review work to ensure that you not only own your own domain name, but also that your company and organization are legal. Organizational Verification (OV) can not only encrypt the confidential information of the website, but also prove the true identity of the website to users.

Extended Validation Certificate (EV)
It refers to a certificate that needs to pass the high-level identity audit of an enterprise or unit to be issued. The certification authority will verify the authenticity of the applicant’s unit name, address, telephone number, bank account and other information. It usually takes 2-5 working days to review the information. The extended verification certificate has the highest level of encryption security. It is displayed in the browser address bar. Display the names of companies and units to facilitate users to identify fake websites.
Before applying for OV and EV certificates, the company’s qualifications must be confirmed.

You can apply for a DV certificate from an enterprise or a personal website, but you must be an enterprise to apply for OV and EV certificates. After the customer submits the application form, first go to Whois, D&B or Enterprise Public Credit Network to inquire relevant information.

Whois query: whois query

Enterprise public trust network query:

http://www.gsxt.gov.cn/index.htm

Dun & Bradstreet's inquiry: UPIK-Plattform-Dun & Bradstreet

114 query: telephone query: dial the area code +114 directly

DV certificate, verification is very simple, only need to verify the domain name ownership. There are generally two verification methods, email verification and file verification.

Email verification: Generally, the CA sends a verification email to the customer's administrator general mailbox or whois mailbox.
File verification: Generally, you need to upload files to the server.
There are also free SSL certificates, but the security is not that high. SSL certificate proxy
【Editor in charge: Wei Liyan TEL: (010) 68476606】