What is an SSL certificate?
Back to sslWhat is an SSL certificate?
An SSL certificate can be used to establish a secure connection between a browser or application and the server.
Because there is a unique key associated with the SSL certificate and a website's connection, it is possible to encrypt all data passing over the connection.
This makes it impossible for sensitive information such as passwords, personal information or payment details to be intercepted and read.
Although using an SSL certificate is technically optional, we recommend always using it. In addition, since 2018 it has been mandatory in the Data Protection Act for websites that process payment data to use an SSL certificate.
How do I recognize an SSL certificate?
An SSL certificate can be recognized in browsers (Chrome, Firefox, Internet Explorer etc) by a lock to the left of the URL.
This looks like this:
Your browser will check that the certificate is valid and that the details of the certificate match the domain you are going to.
Clicking on the word "Certificate" can retrieve additional information, such as the certificate's issuer and validity period.
It is important to note that the presence of an SSL certificate on a Web site is only relevant when using a https:// connection.
Not only browsers but also email programs check the SSL certificate when connecting via a secure connection. In this case, the subdomain "mail" is looked at.
In this case there should be a certificate present on mail.example.domain
What kind of certificates do you offer?
Through our user portal my.oxxa.com it is possible to order different types of SSL certificates.
These types are divided into 3 categories and 3 purposes.
1.DV Certificates
2.OV Certificates
3.EV Certificates
These 3 types have to do with the level of control performed by the issuer of a certificate (a so-called Certificate Authority or "CA").
These can be requested indivdividually for single domains (single domain certificate), multiple subdomains (multi-domain certificate) and all possible subdomains (wildcard certificate).
DV certificates
A DV or "Domain Validation" certificate is the simplest form of SSL certificate. It is verified by the Certificate Authority that the applicant for the certificate actually has access to the domain.
A DV certificate is therefore easy to verify and install.
OV certificates
An OV or "Organization Validation" certificate is a more extensive certificate where the identity of the organization behind the website is also checked by the Certificate Authority.
It also verifies that the applicant for the certificate is the legal owner of the organization. This can be done by telephone verification or by checking the Chamber of Commerce records.
When applying for an OV certificate, the Certificate Authority will contact the applicant to verify that the details are correct before the certificate is issued.
EV certificates
An EV or "Extended Validation" certificate is an OV certificate where the person requesting the certificate is also checked. For example, it is checked whether the applicant is actually employed by the organization.
Depending on the domain for which the EV certificate is requested, additional checks may be performed by the Certificate Authority. For example, a Professional opinion letter or an extract from the Chamber of Commerce may be requested.
For private websites or small web shops a DV certificate is generally sufficient. For larger organizations or web shops it is recommended to purchase an OV or EV certificate.
