Solved

organization wide digital certificate

Posted on 2013-12-21
5
59 Views
Last Modified: 2016-07-13
For each user we had to buy and use individual user certificate from third party which provides website to access their website. Now we are planning to buy and use organization wide digital certificate ( known as site digital certificate as well ) from that third party instead of buying and using individual user certificate to access their  website. So I want to know what organization wide digital certificate is , if  organization wide digital certificate is user certificate or computer certificate type, differences between organization wide digital certificate and individual user certificate , how to install organization wide digital certificate  and if we only need one organization wide digital certificate to buy for all users to access that third-party site.
0
Comment
Question by:AungMyat
  • 3
5 Comments
 
LVL 62

Assisted Solution

by:btan
btan earned 500 total points
ID: 39734367
It does not makes any difference whether it is computer or user certificate as both is dealing with authenticating and verifying the identity. If the past practice change from specific user become the use of site, are you saying only one cert for all users such as blanket granting as long as I am an employee of your enterprise?

The user authentication should still stands for individual. I see the site based certifcation as to mean organisation validated compared to domain validated. Pls consider
http://www.opensrs.com/blog/2012/06/why-business-customers-should-use-organization-validated-ssl-certificates/
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 41704440
The question is asking on the fundamentals  of the digital family of certificate type. Primarily all digital certificate is used mainly as a form of authentication, digital signing and encryption. They are issued to individual (client), host (computer) or organisation specific service (web services  or systems services etc).

For organisation wide certificate, or I see it as organisation validated certificate represents an enterprise identity whereby CA likebthe 3rd party one mentioned prior to certificate issusance, conducts checks on the right of the applicant to use a specific domain name as well as it conducts some vetting of the organization. Typically as compared to client and computer certificate which isbself explanatory, will show additional vetted company information to users or visitor when clicking on a trusted icon or some called a secure seal to provide an enhanced visibility in who is behind the site and associated enhanced trust. One example is globalsign CA which shows such background info via Secure Site Seal https://www.globalsign.com/en-sg/ssl-information-center/using-secure-site-seal/

This type of organisation wide certificate is unlike the more common Domain Validation (DV) Certificates where has the CA checks the right of the applicant to use a specific domain name. It represents a Service or website domain. Or I loosely see it as even client or hostname that is FQDN represented as in using Active directory as reference. Note that in this case there is no company identity information vetted and no information is displayed other than encryption information within the Secure Site Seal for the case of Globalsign CA.

See comparison of different certificate in
https://www.globalsign.com/en-sg/ssl/organization-ssl/

For provisioning of certificate and installation cum usage will depends on the servers and intent you are talking about. Suggest the how to video (from Globalsign) as a good starter. A tip is normally 3rd party CA always has material on those use case and another candidate is DigiCert.

https://www.globalsign.com/en-sg/resources/
0
 
LVL 62

Expert Comment

by:btan
ID: 41704443
For consideration on the add on for solution as per http://#ID:41704440
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question