SSL validation explained

So you’re trying to figure out what type of SSL you need and you can’t figure out the difference between a Positive SSL certificate and a Premium SSL certificate? Both types of SSL come in several varieties, from single-domain security to multiple subdomain security, and will create encrypted connections to your site. So how do you know which one to choose?

The key difference is validation level. And the level of validation you choose is highly dependent on the type of website you have. How do you know that? All will be revealed in this blog post. But first, let’s take a look at what validation is.

Verifying who you are

Before you can get your SSL certificate, the issuing Certificate Authority (CA) needs to perform some verification checks into the person requesting it. This is known as validation. SSL certificates come in three validation levels:

  • Domain validation (DV): This is the lowest level of validation. The CA carries out very minimal checks, just verifying that you have access to the admin email of the site you want to secure.
  • Organization validation (OV): More extensive than DV, the CA will carry out more checks, such as your company’s existence.
  • Extended validation (EV): The most extensive validation level, the CA will cross-check government records and make a phone call to the company’s premises.

It’s also worth noting that while DV SSLs can be issued almost immediately because of the minimal checks, OV and EV certificates can take a few days.

So, to answer the question we started this blog with, the main difference between PositiveSSL and PremiumSSL, is that the former is DV validated, while the latter is OV validated.

What level of validation do I need?

This all depends on what exactly you want to do with your site and the level of assurance your visitors expect. DV is fine for simple websites that require minimal interaction from users. This can be anything from static, informational sites to blogs or portfolios. When a user clicks on the padlock symbol in the address bar, they’ll just see minimal information about when the SSL was issued.

Meanwhile, OV and EV certificates are often referred to as business validated certificates because they feature information about the company that ordered them in the SSL itself. Users can view this information when they click on the padlock icon that appears in the address bar of an SSL-secured site. This is especially important for websites that request personal information from its users. If a website is requesting things like credit card and social security numbers from its users, they want to be sure that the company is legit. That’s why having company information to hand is convenient for everyone. So for a site like an e-commerce store, a business validated SSL is vital.


Now you should know the difference between SSL validation levels and which type you should get for your particular website. No matter what type you need, make sure to start the process of securing your site with SSL as soon as possible.

Leave a Comment