In the process of building ** and the development process of small programs, it is difficult to avoid the need to use SSL certificates, but at present, there are many types of digital certificates, and what type of certificate to choose has become a tangled problem.
At present, there are three types of certificates that are more common in the market: DV domain name verification certificates; OV Organization Validated Certificate; EV Extended Validation Certificate. Here's a look at the differences between these three types of certificates:
1. Certificate type.
DV certificate: a domain name verification certificate, which can be issued by verifying the ownership of the domain name. This type of certificate is suitable for individuals and small and micro enterprises to apply, ** low, fast application, but the certificate can not display enterprise information, the security is poor. If it is deployed on the web, and the lock symbol is displayed in the browser, https can also be implemented.
OV certificate: An enterprise verification certificate, which verifies the ownership of the domain name and the real identity information of the applicant enterprise before issuing the certificate. At present, the OV type certificate is the most widely used and most compatible certificate type in the world. This certificate type is suitable for medium-sized enterprises and Internet business applications. If it is deployed on the web**, the lock symbol will be displayed in the browser, and the relevant information of the enterprise can be viewed by clicking on it. It supports ECC high-security encryption algorithm, which makes encrypted data more secure, has higher encryption performance, and is relatively cost-effective.
EV Certificate: Enhanced Validation Certificate, the certificate audit level is the most stringent verification method of all types, and the relevant information of other enterprises is additionally verified on the basis of the OV type of verification, such as the bank account opening permit. EV certificates are mostly used in industries with high security standards such as banking, finance, and payment. If it is deployed on the web, it can display a unique EV green logo address bar in the address bar to identify the trust level of ** to the greatest extent. It supports ECC high-security encryption algorithm, which makes encrypted data more secure and has higher encryption performance.
The definition of a certificate is still relatively easy to see, so how to distinguish it?
First of all, let's understand the difference between OV certificate and DV certificate
As can be seen from the comparison chart, the OV certificate displays information such as domain name + organization name in the subject of the certificate, while the DV certificate only displays the domain name information in the subject of the certificate.
Difference Between OV Certificate and EV Certificate:
As can be seen from the comparison chart: in the user column, the EV certificate has a lot more information than the OV certificate, the most obvious difference is that the serial number and other information are displayed, which is a field unique to the EV certificate, and other types of certificates do not have, one thing is worth noting that after the previous installation and deployment of the EV certificate, the browser interface will display a green box and the organization information, but now there is no more, which leads to a considerable number of enterprises using EV certificates before choosing the more cost-effective OV certificate. This is also how to distinguish between EV and OV certificates.
Summary: The selection of certificate type depends on the specific needs of individuals or organizations, and for personal portals, users basically only need to use DV certificates to meet the security needs of individuals. For some universities, government services, and small and medium-sized enterprises, the security and cost performance of the OV certificate will be higher. For large enterprises, it is more appropriate to choose OV and EV certificates.
Of course, self-signed certificates are strongly discouraged for everyone to use, so they are not reflected in the article, and the security performance of self-signed certificates is really not guaranteed'S Encrypt and JoySSL. For DV certificates, OV certificates, and EV certificates are also very comprehensive, and when registering Technology Meets Reading, fill into get a certificate coupon.