Some websites show the company name next to the URL (in Chrome) and some don't.
How do I set this up for my website? Is there a reason why or why I wouldn't want to do this?
Asked
Active
Viewed 4.6k times
82
-
4The acls.net certificate will also contain the name of the company if you look in the subject field of the certificate. It's just a commercial trick to not show it in the address bar with the green background. Extended validation validates nothing more than the websites abilities to pay money to those greedy certificate authorities. – billc.cn Mar 14 '13 at 01:00
2 Answers
90
This is only for websites that use Extended Validation SSL encryption. The name is the name the certificate is issued to. It is a security feature put in place to verify that the website is actually served by the company it claims to be from. Simply put, it works like this:
- Company X decides it wants to secure (e.g. by encryption) communications with the website and the one who requests it.
- Company X asks a trusted third party to verify the owner and to issue a digital certificate.
- The third party checks the applicant and then issues a certificate, vouching for the identity of the website. So you know Github is actually Github, and not some malicious website.
- Your browser sees that Company X uses EV SSL-encryption and queries the certificate. This shows to be issued by a trusted third party to Company X. Your browser then displays the name of the company the certificate was issued to. If it is the same, it will turn green (like in your screen shot) if it does not, the browser will warn you that the website might not be the website it says to be and turn red.
You need a couple of things to set this up, most notably:
- An EV SSL certificate (Like from Godaddy, but there are many more issuers out there. Google this for yourself.)
- A host that supports the use of SSL (inquire with your host on how to set this up for your domain)
Certificates generally don't come cheap, and it is really a matter of whether you really need it. Admittedly, it looks cool, but it might be unnecessary for you.
You can find more detailed information about this from other sources, like its Wikipedia page.
Pylsa
- 30,630
- 16
- 89
- 116
-
What, exactly, does the browser check? I thought all it checked was that the certificate presented was issued by a trusted CA, and that it matches the URL you typed in. I thought the company name was so that the _user_ could check that it's who they expect. – cpast Mar 13 '13 at 22:32
-
2@cpast It does match the domain to the domain on the certificate. However, because the certificate is approved, the name on the certificate will also be ok. The company name is purely informative for the user. However, since the OP doesn't seem to have extensive knowledge about certificates, I quite simplified the process description to be more descriptive than technical. – Pylsa Mar 13 '13 at 22:37
-
It checks user credentials/after installing certificates and matches it with servers in mutual handshake. TO justify the user authenticity/ as well as on client side justify the server authenticity. For Example: change date and time to older in your PC and try yo log in to gmail, or Gtalk. you will see what happens :) – MarmiK Mar 14 '13 at 05:13
-
Great, thank you. Just for reference, normal SSL is $70/yr with GoDaddy and EV SSL is $100/yr. I'm sure other options are cheaper. The extra branding alone makes this valuable for my business. – William Entriken Mar 15 '13 at 15:39
-
-
@BloodPhilia, hmm do you happen to know why Google and Facebook don't use EV but simply use a basic padlock? – Pacerier Aug 13 '13 at 19:22
-
@Pacerier Probably because it really doesn't add a lot of value security wise. – Pylsa Aug 14 '13 at 00:02
-
@BloodPhilia, but surely it doesn't cost alot as well. With their revenue, it's practically *free*. So why do you reckon Google and Facebook don't use EV even when it is *free*? – Pacerier Aug 15 '13 at 03:31
-
@Pacerier There are plenty of arguments against EV-SSL you can find if you google it. Not the least one is the issue of incompatibility with older/low-end devices and software. – Pylsa Aug 15 '13 at 15:04
-
But if i bought a normal certificate (DV) it will turn the green bar? – Arnold Roa Nov 12 '16 at 22:32
-
Does anyone know why sometimes the company name disappears? Mostly when in my CMS I add a title for the page? – Fatima Jun 15 '19 at 09:46
22
That's a result of using an Extended Validation certificate - extended validation, or EV certificates require additional validation before the certificate is issued. The idea is that there is better proof that the company really is applying for the certificate, so you should be able to have some more confidence that you really are talking to who you think you are.
Adam Caudill
- 561
- 3
- 11
-
So, we have the normal certificate, the green certificate and the green EV? – Arnold Roa Nov 12 '16 at 22:19
-
@ArnoldRoa Normal Certificate can be self-sign, meaning you sign the certificate yourself. Green Certificate means certificate that are has been audited, and trusted by CA Root Program (e.g Mozilla CA Program, Microsoft Trusted Root Program, etc...) and Green EV means **the one** (meaning, you) that ask for a certificate get validated with extra steps (EV = Extended Validation); thus increase the trustability of the issued certificate. – Chris Qiang May 13 '21 at 20:41