The ultimate guide to security certificates – what you need to know

Security certificates and the terminology explained

Terminology can be difficult at the best of times and in the IT field, it can be a real nightmare for people just learning about website management and cyber security issues.

To help everyone and to ensure you can communicate with IT professionals, help desks and others working on their own websites, here are some of the most commonly used SSL terms and their meanings.

Before getting started with the full list, it will be important to take a closer look at the definition of SSL.

This is a security technology that has been around since the mid part of the 1990s. It has gone through several evolutions and is now known as TLS or Transport Layer Security, although everyone continues to use the term SSL (Secure Sockets Layer).

By definition, this includes the use of a pair of keys, one private and one public, to establish a secure, encrypted link between a server and a browser. It can also be between a mail server and an email client or, much less commonly, between servers.

As the keys only work with each other to encrypt and decrypt, the public key encrypts data sent and the private key decrypts, ensuring no interference or capturing of the data transmitted.

With that in mind, here are some common terms used in SSL data security.

SSL data security terms

256 bit – this is the encryption key size that is used to generate the encrypted data as well as provide the decryption. The industry requirements for information security is 256 bit for data transfer.

Browser recognition – this can also be called browser compatibility. The CA or Certificate Authority has a trusted embedded root certificate with all major browsers and devices. This allows all certificates linking to that root certificate to also be seen as trusted. Top CAs offer 99.9% browser and device recognition.

Certificate Authority (CA) – this is the entity that is approved to verify the information provided on the Certificate Signing Request to issue an SSL certificate of any type and level. The professionalism and adherence to industry standards in issuing certificates are critical.

Padlock and keyDomain Validation(DV) – this is the most basic level of verification by a CA and shows that the person applying for the SSL certificate is the authority of record for the website. This is a good option only if there is no personal or financial information shared on the site.

Extended Validation (EV)– this is literally the gold standard in SSL certificates, although perhaps the green standard would be a better term. While the site will have a green padlock, it will also have a green address bar, immediately altering site visitor to the additional verification process for the site.

Fully Qualified Domain Name – this is the actual name of the website as listed on the certificate. It includes three parts the "www" the website name "mycompany" and the .com, .org, .net, .biz or any other designation. The Fully Qualified Domain Name has to match the URL for the SSL certificate to be valid.

HTTPS – this stands for Hypertext Transfer Protocol Secure. This is found only on websites with a valid SSL/TLS certificate. The "S" for secure indicates the site is using encryption.

Organizational Validation (OV) – this is the most common type of validation. The CA will verify the applicant is the domain owner or agent and the organization (company or business) is verified. This is done through a check of databases.

Personal Authentication Certificate – this is used for emails and allows the user to encrypt and digitally sign emails. This provides full protection that the email transmission has not been altered or tampered with, which is essential when sending contracts and other business or personal documents and information.

Relying Party Warranty – this is a warranty provided by the CA that the verification they complete and the certificate issued is trusted. Anyone using the website based on the reliance that the site is safe from the CA verification that then had fraudulent charges to their card can be reimbursed up to that amount or the maximum offered through the CA based on the type of certificate in place.

SAN – multi-domain certificates will use SAN or Subject Alternative Name. This allows the certificate to list multiple different domain names and subdomains on the same certificate. With a SAN multi-domain certificate, management is streamlined and there is just one certificate instead of up to 100 separate certificates.

Site Seal – this is a seal that is unique to each CA. It is a quick, easy to spot visual sign of enterprise security for people visiting the site. With some site seals, mousing over will bring up a small text box that includes the actual information from the certificate.

UCC – the Unified Communications Certificate is a special SSL product used with Microsoft Exchange and Office Communications servers. This certificate can be combined with other types of certificates, such as multi-domain and wildcards for complete control.

Wildcard certificate – the Wildcard SSL certificate is used to provide security and protection for one main domain and associated subdomains. This is a very cost effective option for large websites where subdomains are used to direct clients and customers to specific areas of the site quickly and effectively.

If you aren't sure about any terms used in any cyber security definition, description or product, be sure to talk to the vendor and ask questions.

Top companies will have sales professionals and tech support to make sure you have the information you need before you purchase an SSL certificate.


Author Bio: Natasha Miranda is a Technical Content Writer from Comodo, who writes blogs and articles on internet security. Her posts generally aim to create awareness about SSL certificates, endpoint protection, malware, and firewall.


notepad Save 50% on RAWinfopages online courses! Get 50 Shares A Day - PDF with 50 places to promote your blog/website daily!
Join our FREE newsletter!