SSL is the abbreviation for Secure Socket Layer. SSL certificates have two main functions, namely authentication and data encryption. SSL certificates can authenticate the identity of a company or website. When users visit a website, they can click on the website security certificate and trust seal to learn the specific information of the website and identify the authenticity of the website. In addition, the SSL certificate can also enable HTTPS encryption to protect the personal information entered by users on your website, ensuring that private and sensitive information is not illegally tampered with and preventing the leakage of transmitted information.

CA is the abbreviation of Certificate Authority, which is the certificate issuing authority. Since the CA is a third-party organization responsible for managing and issuing digital certificates, its role is to check the legitimacy of the certificate holder's identity and issue certificates to prevent the certificate from being forged or tampered with. It can be understood that the CA agency is similar to the public security bureau that issues ID cards to citizens. Therefore, not all companies can be called CAs. At present, the authoritative CA companies mainly include sslTrus, CFCA, Sectigo, Geotrust, Digicert, etc.

In 2020, the CA/B Forum proposed to limit the maximum validity period of SSL certificates to one year. Since then, CA institutions have followed industry standards for many years and gradually adjusted the validity period of SSL certificates to 398 days at the end of August 2020. Although the validity period of SSL digital certificates has been shortened, in order to help users reduce the risks caused by certificate interruption and certificate expiration, sslTrus provides multi-year SSL certificate subscription, up to 6 year-subscription. Significant discounts will be applied for multi-year SSL certificate purchase, which not only reduces business costs, but also simplifies the certificate renewal process.

Note: After subscribing to a multi-year SSL certificate, we will validate SSL certificates in each year. sslTrus will send a new certificate to the user in advance before the certificate expires. The user only needs to replace the previous certificate.

CA will issue SSL certificates after the purchase is finished through sslTrus platform. We will send you SSL certificate documents to install via email address. Clients can also login sslTrus platform to download certificates. Many forms of SSL certificates are provided including Nginx、Apache、Tomcat、IIS,etc. There’s no need to convert.

If you have other related questions, you can check our Knowledge Base, or contact online customer service for help.

The purpose of users applying for SSL certificates is to enable HTTPS encryption on the internet, safeguard website information security, and prevent website information from being hijacked or tampered with. Enterprise users have an additional need for identity authentication to avoid their corporate information being misused by malicious individuals, while also reassuring visitors to browse, use, and conduct transactions on their websites with confidence. Obtaining the trust of browsers in the internet industry is not achievable with any HTTPS certificate. Therefore, this requires publicly trusted CA (Certificate Authority) institutions to verify the applicant's domain ownership. For example, when applying for OV/EV SSL certificates, applicants also need to cooperate with completing enterprise verification to prove that the applicant is a real and legitimate entity before the SSL certificate can be issued. Specific certificate verification methods can be found in the SSL certificate application documentation.

This is because the email or phone number provided by the applicant themselves cannot prove ownership by the personnel of the applicant organization, and there is a risk that criminals may impersonate personnel from other organizations to apply for certificates for phishing websites. Therefore, for domain validation, CA (Certificate Authority) institutions can only recognize the use of an administrator email or the Whois registered email for completion; for enterprise validation, the phone number or email obtained through third-party authoritative platforms (such as enterprise annual reports, 114 directories, etc.) must be used for completion.