1

Check out these 2 links and look at what is in the search bar on the very left.

  1. https://www.digicert.com/legal-repository/
  2. https://www.wordfence.com/blog/2017/01/chrome-56-ssl-https-wordpress/

The first link says "DigiCert, Inc [US]" whereas the second link just says "Secure"

Is there a reason for this? I had a look at the certificates sent by each and the only difference I could see was that the DigiCert certificate had a more detailed Subject than wordfence. Does anyone know why this is happening and whether one is more secure than the other?

EDD
  • 111
  • 4
  • 1
    That's an *Extended Validation* certificate, which is much more rigorous than the standard "does the certificate owner control this domain". – Bob May 16 '17 at 10:33
  • @Bob yes, digicert is a CA – EDD May 16 '17 at 10:33
  • 1
    EV certificates do not have a direct relationship with being a CA. Most organisations can get an EV certificate - it just costs a whole lot of money, takes a whole lot of time, and will require a whole lot of ID documentation. – Bob May 16 '17 at 10:34
  • Basically, in case (1.) it's saying "This is owned by DigiCert. We've verified them through other documentation.". In case (2.) it's saying "This is the server that is identified by this domain's DNS records. We don't know who the actual server operator is, and we don't care.". – Bob May 16 '17 at 10:36

0 Answers0