SSL Certificates

To certify a website (accessible with or without www) the recommended certificates are "Sectigo Essential" and "GeoTrust RapidSSL"

To certify a domain and all its subdomains including www, the recommended certificates are "Sectigo Essential Wildcard" and "GeoTrust RapidSSL Wildcard"

The data required to order a standard SSL certificate are: the data of the owner and technical contact, the type of server, the CSR generated on the server where the certificate will be installed (together with its private key) and a mail address In the domain to certify where the verification and approval mail will be sent, this address can be admin@, postmaster@ or webmaster@

The time of issue of the certificate depends on the type of certificate and the certifying entity.

To renew a certificate, you must request a new one. You can use a private key that you already have if it complies with the security requirements, otherwise you must generate a new private key.

The private key is a fundamental part of the encryption and validation process. In the case that you lose the private key, the certificate will be unusable and you must generate a new one.

SSL certificates with domain validation are certificates that are verified against domain registration. There is no organization identification information for these certificates and, therefore, they provide the minimum level of security. They are not commonly used for commercial purposes, but they are used for internal purposes or generic sites. Visitors to a website with DV certificates can not validate, through the certificate, if the business on the site is legitimate and, therefore, they often DO NOT trust this type of certificate. It is recommended to use these types of certificates where security is not a concern, such as internal protected systems where internal clients or employees already know the established trust of the organization.

The organization SSL certificates are trusted for commercial transactions. The organizations are strictly authenticated by real agents against the registration databases of companies hosted by governments. Documents can be exchanged and staff can be contacted during validation to prove the right to use. Therefore, OV certificates contain legitimate business information. This is the standard type of certificate required on a commercial or public website. The OV certificates conform to RFC X.509 standards and, therefore, contain all the information necessary to validate the organization.

Provide the highest level of confidence and security. It is used by most of the leading organizations in the world. They have discovered that switching from OV to EV certificates increases online transactions and improves customer confidence. It is no longer a luxury but a necessity. Sites protected with an SSL Certificate with EV show the organization name at certificate details to quickly assure visitors that the legal and physical existence of the organization was verified in accordance with the strict industry standards. EV certificates restore the confidence that users have for a secure website. The criteria for issuing EV certificates are defined in the Guidelines for Extended Validation and provide a verification process that is much stricter than that of OV certificates. In addition to improving confidence through the strictest authentication process, EV certificates activate a green bar visible in modern browsers to distinguish the secure site from others. It is extremely difficult to impersonate or forge an EV-enabled site, because even if web content can be duplicated, the green bar can not be activated without a reliable EV certificate.

SSL certificates have a guarantee of coverage issued by the issuer (certifying entity or certificate mark) that applies in the event that the holder suffers certain damages during its use and whenever the issuer's negligence is proven. Each issuer applies certain conditions.

Comodo CA,announced that the company is rebranding to Sectigo. No changes to certificates are needed.

You can find more information about SSL certificates on our Blog: https://blog.baehost.com/?s=ssl