Which SSL Certificate To Use? EV OV or DV

News Knowledge Base
1

Which kind of SSL certificate can be used for UiPath platform- EV, OV or DV?

Query: For SSL certificate available today, there are Extended Validation (EV SSL), Organization Validated (OV SSL) and Domain Validated (DV SSL). Which one can be used for UiPath platform?

Resolution: The encryption levels are the same for each certificate, what differs is the vetting and verification processes needed to obtain the certificate.

Extended Validation (EV SSL) Certificates: With an EV SSL, the Certificate Authority (CA) checks the right of the applicant to use a specific domain name plus, it conducts a thorough vetting of the organization. The issuance process of EV SSL Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007. All the steps required for a CA before issuing a certificate are specified here including:

  • verifying the legal, physical and operational existence of the entity
  • verifying that the identity of the entity matches official records
  • verifying that the entity has exclusive right to use the domain specified in the EV SSL Certificate
  • verifying that the entity has properly authorized the issuance of the EV SSL Certificate

The latest, and possibly most significant, advancement in SSL technology since its initial inception follows the standardized Extended Validation guidelines. New high security browsers such as Microsoft Internet Explorer 7+, Opera 9.5+, Firefox 3+, Google Chrome, Apple Safari 3.2+ and iPhone Safari 3.0+ identify Extended SSL Certificates and activate the browser interface security enhancements. For customers who wish to assert the highest levels of authenticity, this is the ideal solution.

EV SSL Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. A second set of guidelines, the EV Audit Guidelines, specify the criteria under which a CA needs to be successfully audited before issuing EV SSL Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.

Organization Validated (OV SSL) Certificates: The CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility in who is behind the site and associated enhanced trust. Organization name also appears in the certificate under the ON field.

Domain Validated (DV SSL) Certificates: The CA checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal. Ensure that the information is encrypted, receiving end of that information may not be an authorized person.

DV SSL Certificates are fully supported and share the same browser recognition with OV SSL, but come with the advantage of being issued almost immediately and without the need to submit company paperwork. This makes DV SSL ideal for businesses needing a low cost SSL quickly and without the effort of submitting company documents.

For UiPath Platform, the certificate should fulfill the following requirements:

  • Microsoft RSA SChannel cryptographic Provider (Encryption).
  • Key Size is set to at least 2048 and Make private key
  • It should be called Web Server or Web.SAN

All three types of certificate can be used for UiPath platform, the only difference is the vetting and verification processes needed to obtain the certificate.