How to Get a Green SSL Certificate

November 18, 2009
web

Just as SSL Certificates were starting to become really inexpensive, they figured out a way to start charging more money again. Enter the Green Address Bar, Green Certs, or officially known as an Extended Validation Certificate (EV Cert)

The latest browsers will display these certificates differently than regular certificates. For example here's PayPal Extended Validation Certificate shows up green in FireFox 3.5:

example extended validation certificate green

A regular SSL certificate would look like this:

SSL Certificate without EV

The following browsers display extended validation certs green: Internet Explorer 8, Firefox 3.5, Safari 3.2, Opera 9.5, and Google Chrome.

The Extended Validation Certificates do require you to provide more information in order to obtain one.

  • You must be a valid and verifiable legal entity (Government agencies, Corporations, General partnerships, Unincorporated associations, Sole proprietorship's).
  • The employment and authority of the person placing the certificate order must be verifiable.
  • A legal opinion letter (from an Attorney, or Accountant) may be required to confirm that the requester has the authority to obtain SSL Certificate(s) on behalf of the company
  • The entities must have a conformable physical existence and business presence.

Pricing of the extended validation certificates will typically be at least twice as much as a regular certificate. For example you can get a domain ownership verified SSL certificate from GoDaddy (not a green cert) for $29 a year. The lowest price I have seen for an extended validation certificate is $99/year at Godaddy

  • Godaddy - Green Certs start at $99/year
  • Verisign - Green Certs start at $995/year
  • Entrust - Green Certs start at $275/year
  • Thawte - Green Starts at $599/year

The risk in going with the lower priced certificate authorities is that their signing certificate may not be recognized by old software, which would give a warning that the certificate cannot be trusted.



Related Entries

This entry was:

Comments

And there is no EV support for Wildcard certificates either, so companies who require EV status, and have previously relied on wildcard certs are going to have to shell out a lot of cash (although you could just as easily by an EV cert for the most important domain)
That's a good point Andy, thanks for sharing.
Yeah, security is essential.
How do you get the certificate to display all elements on the page are safe?

if you are connected via https:// then you are already on the secure port 443(i think). Do you have to serve all elements java images etc with https://??
@Roland - Yes you must serve all elements on the page using https including js, images, css, etc.

Post a Comment




  



Spell Checker by Foundeo

Recent Entries



foundeo


did you hack my cf?