You may have noticed that the URL (s) of some websites start with “http://“, and some with “https://“. Or that on some websites in front of the website address in browser address bar there is a image of a small green lockpad. Websites that do not have this green lockpad use the standard HyperText Transfer Protocol as the main protocol for transmitting information between client browsers and the server. Information that is exchanged via ordinary HTTP protocols remains unprotected and susceptible to interception and can be misused as such. This small difference in the name between HTTP and HTTPS, i.e. the letter S at the end of the protocol name signifies a lot in terms of security and indicates that it is behind the Secure Socket Layer technology, or shortened SSL.
HTTPS is, in fact, a standard HTTP protocol with built-in protection in the form of cryptographic protocols TLS / SSL, thus ensuring secure communication between the browser and the server. And what in the specific case means that the data traveling to your and from your browser – website is encrypted and thus protected from malicious activities and possible interception.
SSL certificates are not required only for websites selling online. Any website that collects or processes information in order to protect against potential misuse (credit card information, phone numbers, user data, email addresses …) should have an SSL certificate.
There are several types of SSL certificates that differ each one from another to the level of protection and the guarantees they provide.
Domain Validation Certificate (DV) – An SSL certificate validating a domain / web address
You can most often meet a Domain Validation certificate, i.e. with a certificate for the protection and security of communication, and for which it is only necessary that the certification body verify ownership of the domain. The checking procedure is not as rigorous as for other types of certificates.
Organization Validation Certificate (OV) – An SSL certificate validating the company / organization
This certificate is intended for small and medium enterprises, where the validation of the company is important, for example, such as Internet shops with a smaller volume of transactions. Unlike the DV certificate, the OV certificate validates the company or organization that requested the certificate, i.e. it is guaranteed that the website belongs to the company to which it is issued and that the company is legitimate and officially registered.
Extended Validation Certificate (EV) – SSL Extended Validation / Verification Certificate
Extended Validation is a type of certificate where the firm or organization that applies for the certificate is thoroughly inspected and checked. The certification body that issues the EV certificate gives the strongest guarantees that the website is secure and not false, also confirms the complete validation of the business of the company or organization. This type of certificate is intended for medium and large enterprises, as well as companies whose websites contain financial transactions, online banking services, etc. With this certificate, a green address bar with the abbreviated name of the company is displayed in the web browser.
There are many certification bodies and the most famous are Norton, VeriSign, Comodo, Truste, Thawte … For example, the website (www.atec.rs) that you are currently visiting has the Comodo SSL certificate, which is generally obtained very quickly in within 2 business days. In most cases, it takes up to several hours, although we had rare cases when the issuance of certificates takes a day longer. In case you need a Extended Validation Certificate, your certification may take 10 days or more.
You can purchase the SSL certificate directly from the certification bodies, partner sites or authorized dealers. If all of this is complicated to you, we can help you when choosing and purchasing SSL certificates, as well as when installing and customizing your website HTTPS protocol.