HOW TO CHOOSE THE RIGHT TLS/SSL CERTIFICATEDetermining which TLS/SSL certificate is right for your organization can be challenging. There are numerous Certificate Authorities (CA) that o�er a multitude of certificates types. Before you find the right CA, it helps to first understand which certificate types are right for your organization.

WHAT IS A TLS/SSL CERTIFICATEInternet-connected devices rely on protocols called Transport Layer Security (TLS) and Secure Socket Layer (SSL) to encrypt information in transit. Website certificates, known as “TLS/SSL certificates”, are required for secure online interactions using cryptographic protocols designed to ensure that data passed between servers and web browsers remains private. If a website has “https://” before the domain name, you know that you’re connecting to a secure site.

HOW CAN I GET TLS/SSLCERTIFICATESENTERPRISES needing multiple or managed certificates can talk to a PKI expert » click here

INDIVIDUALS can purchase certificates with our certificate selection wizard » click here

FOR MORE INFORMATION about choosing the right TLS/SSL certificate, read our white paper » click here

TYPES OF TLS/SSL CERTIFICATEDOMAIN VALIDATED

ORGANIZATION VALIDATED

EXTENDED VALIDATED

These o�er the lowest level of assurance. They only confirm that:

The domain name is authentic.

They do not validate the identity of the organization controlling the website.

These provide the most common level of assurance and confirm:

The domain name is authentic.

The domain is associated with the named organization.

The organization and its registered address are authentic.

If any part of your organization’s business model involves collecting sensitive data about your customers, an OV certificate may be right for you.

These provide the most common level of assurance and confirm:

The domain name is authentic.

The domain is associated with the named organization.

The organization and its registered address are authentic.

The physical address of the place of business, jurisdiction of incorporation, registration and other extended information

If your organization accepts online payments or is in the banking, social media, health care, government or insurance industries, an EV certificate may be right for you.

DV OV EV

PUBLIC, PRIVATE & GOVERNMENT TRUST CERTIFICATESPUBLICTRUST

PRIVATETRUST

GOVERNMENTTRUST

• Trusted natively in operating systems, browsers, and mobile devices• Protect public-facing websites • Issued from infrastructure that is heavily audited to meet external compliance requirements

• Used to secure internal networks • Can be issued by either a trusted PKI (Public Key Infrastructure) service provider or an organization that runs its own internal PKI • Only secure server-to-server communication for IP addresses and non-registered domains• Require private, dedicated CAs that should abide by the same compliance requirements as Public Trust CAs

• Used primarily to interact with government applications• Cannot be automatically recognized as “trusted” in browsers and operating systems

HID Global is the trusted leader in products, services and solutions related to the creation, management, and use of secure identities for millions of customers worldwide.

©2020 HID Global Corporation/ASSA ABLOY AB. All rights reserved. HID, HID Global, the HID Blue Brick logo, and the Chain Design are trademarks or registered trademarks of HID Global or its licensor(s)/supplier(s) in the US and other countries and may not be used without permission. 2020-07-23-iams-tls-ssl-certificate-ig-en PLT-05340 hidglobal.com