Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Does the brand name matter for a SSL EV certificate? [closed]

Tags:

ssl

ssl-certificate

Do end users really care if a SSL EV certificate is from VeriSign, Thwate, DigiCert, or etc.? A certificate from VeriSign can cost up to 3x the cost from DigiCert for the same basic features. VeriSign is probably the most recognizable brand name though.

I've had many discussions with people about this topic, but I've never seen any real data (from studies, surveys, etc.) to support the idea that end users will feel more secure using your site when they see the VeriSign seal vs. the DigiCert seal.

Does anyone have any real data to back up this idea?

like image 476
Notorious2tall Avatar asked Nov 07 '08 17:11

Notorious2tall

People also ask

Does hostname need to match SSL certificate?

The certificate is valid only if the request hostname matches the certificate common name. Most web browsers display a warning message when connecting to an address that does not match the common name in the certificate.

How do you tell if a CERT is an EV cert?

The primary way to identify an EV certificate is by referencing the Certificate Policies extension field. Each issuer uses a different object identifier (OID) in this field to identify their EV certificates, and each OID is documented in the issuer's Certification Practice Statement.

What makes an SSL certificate valid?

For an SSL certificate to be valid, domains need to obtain it from a certificate authority (CA). A CA is an outside organization, a trusted third party, that generates and gives out SSL certificates. The CA will also digitally sign the certificate with their own private key, allowing client devices to verify it.

Who is responsible for SSL certificate?

Certificate Authorities, or CAs, issue certificates to organizations after a vetting process known as validation. For every public TLS/SSL certificate, CAs must verify, at a minimum, the requestors' domain.

2 Answers

No. The reason Verisign can charge more is that as one of the very first CAs they are recognised by more legacy and obscure browsers.

like image 190
bobince Avatar answered Dec 04 '22 07:12

bobince

I haven't seen much data on this either. The products are functionally the same. It seems hard to justify spending that much more on on a VeriSign certificate unless you are absolutely sure it will get you more money in the long run.

like image 37
Robert Avatar answered Dec 04 '22 09:12

Robert
Sign in to Comment

Related questions

Client-side TLS session ticket support in Java 7
Change HTTPI SSL default cert file location with environment variable
requests.exceptions.SSLError: hostname 'boxfwd.com' doesn't match either of 'nycmsk.com', 'www.nycmsk.com'
CRYPT_E_NOT_FOUND when importing certificate
SSL connection to MySQL server with Java
SSL self-signed certifications to connect with Mysql with PHP
PayPal TLS Test URL - PHP curl SSL protocol error
Let's Encrypt SSL certs for same domain, multiple instances
Erlang Installation and "/usr/local/ssl/lib/libcrypto.a: could not read symbols: Bad value"
File descriptor leak when getting response code. (cxf, ssl)
SSL certificate validation .NET vs Mono
Blocked Access to geolocation was blocked over secure connection with mixed content
PHP connection to remote mysql with ssl works via command but not in browser
How do I have Apache2 httpd use the ubuntu's CA cert for outbound SSL connections from Apache?
ruby open ssl api for encrypted key (without nodes option)
HTTPS Request in Kivy
How to force browser to fetch new SSL certificate instead of old one using server side configuration (Nginx)?
curl: RSA_padding_check_PKCS1_type_1:invalid padding
Downloading SetupTools in Maximo/Jython fails with HTTP error 403 SSL is required

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!