How to Get a Green SSL Certificate
Just as SSL Certificates were starting to become really inexpensive, they figured out a way to start charging more money again. Enter the Green Address Bar, Green Certs, or officially known as an Extended Validation Certificate (EV Cert)
The latest browsers will display these certificates differently than regular certificates. For example here's PayPal Extended Validation Certificate shows up green in FireFox 3.5:
A regular SSL certificate would look like this:
The following browsers display extended validation certs green: Internet Explorer 8, Firefox 3.5, Safari 3.2, Opera 9.5, and Google Chrome.
The Extended Validation Certificates do require you to provide more information in order to obtain one.
- You must be a valid and verifiable legal entity (Government agencies, Corporations, General partnerships, Unincorporated associations, Sole proprietorship's).
- The employment and authority of the person placing the certificate order must be verifiable.
- A legal opinion letter (from an Attorney, or Accountant) may be required to confirm that the requester has the authority to obtain SSL Certificate(s) on behalf of the company
- The entities must have a conformable physical existence and business presence.
Pricing of the extended validation certificates will typically be at least twice as much as a regular certificate. For example you can get a domain ownership verified SSL certificate from GoDaddy (not a green cert) for $29 a year. The lowest price I have seen for an extended validation certificate is $99/year at Godaddy
- Godaddy - Green Certs start at $99/year
- Verisign - Green Certs start at $995/year
- Entrust - Green Certs start at $275/year
- Thawte - Green Starts at $599/year
The risk in going with the lower priced certificate authorities is that their signing certificate may not be recognized by old software, which would give a warning that the certificate cannot be trusted.
- HackMyCF Adds SSL/TLS Scanner - May 27, 2015
- HTTP Strict Transport Security - September 17, 2010
- Howto Require SSL for ColdFusion Administrator - October 23, 2009
- IIS: Disabling Weak SSL Protocols and Ciphers - October 8, 2009
- CFPARAM for Simple String Validation - May 29, 2007
if you are connected via https:// then you are already on the secure port 443(i think). Do you have to serve all elements java images etc with https://??
- What is the difference between ASCII Chr(10) and Chr(13)
- Fixinator and Foundeo Security Bundle
- Running CFML on AWS Lambda with FuseLess Slides
- Updating Java on ColdFusion or Lucee
- ColdFusion returning empty response with server-error: true
- Careful applying CF11u16, CF2016u8, CF2018u2
- Sessions don't work in Chrome but do in IE
- csrfVerifyToken does not invalidate the token