Help Center

Version 2.0

• SSL Certificates
• Extended Validation SSL Certificates

Related Articles

• How Do I Get My Extended Validation SSL Certificate to Show the Green Bar in Internet Explorer 7...
• How Long Does it Take to Issue an Extended Validation SSL Certificate?
• Which Documentation Is Required in Order to Apply for an Extended Validation SSL Certificate?
• How Do I apply for an Extended Validation SSL Certificate?
• What Is a Verified Accountant Letter?
• To an Organization, What Is the Advantage of Having an EV SSL Certificate?
• What is an Extended Validation SSL Certificate?
• What Is a Certificate Approver?

What is the difference between an Extended Validation SSL Certificate and a High Assurance SSL Certificate?

The main difference between Extended Validation (EV) and High Assurance (HA) SSL certificates is the vetting process that must be completed in order for the Certification Authority (CA) to issue a signed certificate to the requestor. Additionally, Web sites secured with EV SSL certificates will be displayed differently in the new generation of Web browsers, starting with Internet Explorer 7. New versions of Firefox and Opera browsers will soon follow.

More comprehensive than the HA vetting process, the EV SSL vetting process validates the requestor's domain control and verifies the requesting entity's legal existence and identity. The process authenticates the following information pertaining to the certificate-requesting organization:

• Legal existence: The Certification Authority (CA) must confirm with the Incorporating Agency in the requesting entity's Jurisdiction of Incorporation that, as of the date the EV Certificate is issued, the organization named in the EV Certificate legally exists as a valid organization or entity in the Jurisdiction of Incorporation.
• Identity: The CA must confirm that, as of the date the EV Certificate is issued, the legal name of the entity named in the EV Certificate matches the name on the official government records of the Incorporating Agency in the requesting entity's Jurisdiction of Incorporation. (And if an assumed name is also included, that the assumed name is properly registered by the requesting entity in the jurisdiction of its place of business.)
• Registration number: The CA must obtain the specific unique registration number assigned to applicant by the Incorporating Agency in the requesting entity's Applicant's Jurisdiction of Incorporation.
• Registered agent: The CA must obtain the identity and address of the requesting entity's Registered Agent or Registered Office (as applicable) in the requestor's Jurisdiction of Incorporation.
• Right to use domain name: The CA must take all steps reasonably necessary to verify that, as of the date the EV Certificate is issued, the entity named in the EV Certificate owns or has the exclusive right to use the domain name listed in the EV SSL certificate.
• Authorization for EV SSL certificate: The CA must take all steps reasonably necessary to verify that the entity named in the EV SSL certificate has authorized the issuance of the EV SSL certificate.