Solved

organization wide digital certificate

Posted on 2013-12-21
5
61 Views
Last Modified: 2016-07-13
For each user we had to buy and use individual user certificate from third party which provides website to access their website. Now we are planning to buy and use organization wide digital certificate ( known as site digital certificate as well ) from that third party instead of buying and using individual user certificate to access their  website. So I want to know what organization wide digital certificate is , if  organization wide digital certificate is user certificate or computer certificate type, differences between organization wide digital certificate and individual user certificate , how to install organization wide digital certificate  and if we only need one organization wide digital certificate to buy for all users to access that third-party site.
0
Comment
Question by:AungMyat
  • 3
5 Comments
 
LVL 63

Assisted Solution

by:btan
btan earned 500 total points
ID: 39734367
It does not makes any difference whether it is computer or user certificate as both is dealing with authenticating and verifying the identity. If the past practice change from specific user become the use of site, are you saying only one cert for all users such as blanket granting as long as I am an employee of your enterprise?

The user authentication should still stands for individual. I see the site based certifcation as to mean organisation validated compared to domain validated. Pls consider
http://www.opensrs.com/blog/2012/06/why-business-customers-should-use-organization-validated-ssl-certificates/
0
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 41704440
The question is asking on the fundamentals  of the digital family of certificate type. Primarily all digital certificate is used mainly as a form of authentication, digital signing and encryption. They are issued to individual (client), host (computer) or organisation specific service (web services  or systems services etc).

For organisation wide certificate, or I see it as organisation validated certificate represents an enterprise identity whereby CA likebthe 3rd party one mentioned prior to certificate issusance, conducts checks on the right of the applicant to use a specific domain name as well as it conducts some vetting of the organization. Typically as compared to client and computer certificate which isbself explanatory, will show additional vetted company information to users or visitor when clicking on a trusted icon or some called a secure seal to provide an enhanced visibility in who is behind the site and associated enhanced trust. One example is globalsign CA which shows such background info via Secure Site Seal https://www.globalsign.com/en-sg/ssl-information-center/using-secure-site-seal/

This type of organisation wide certificate is unlike the more common Domain Validation (DV) Certificates where has the CA checks the right of the applicant to use a specific domain name. It represents a Service or website domain. Or I loosely see it as even client or hostname that is FQDN represented as in using Active directory as reference. Note that in this case there is no company identity information vetted and no information is displayed other than encryption information within the Secure Site Seal for the case of Globalsign CA.

See comparison of different certificate in
https://www.globalsign.com/en-sg/ssl/organization-ssl/

For provisioning of certificate and installation cum usage will depends on the servers and intent you are talking about. Suggest the how to video (from Globalsign) as a good starter. A tip is normally 3rd party CA always has material on those use case and another candidate is DigiCert.

https://www.globalsign.com/en-sg/resources/
0
 
LVL 63

Expert Comment

by:btan
ID: 41704443
For consideration on the add on for solution as per http://#ID:41704440
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question