What's new
Carbonite

South Africa's Top Online Tech Classifieds!
Register a free account today to become a member! (No Under 18's)
Home of C.U.D.

We now have Extended Validation SSL

Oj0

Progenix.co.za
Retailer
VIP Supporter
Rating - 100%
245   0   0
Joined
Apr 26, 2010
Messages
31,116
Reaction score
13,495
Points
25,965
Age
34
Location
Norkem Park, Gauteng
As of 13 October 2021, our site uses an EV SSL certificate.


download.png



What does this mean?
Standard SSL certificates (including the free Let's Encrpyt ones, and those issued by CloudFlare for $5/month) work on Domain Validation, which requires nothing more than you to have access to (not even own) an email address on the domain in question. Your site could still be registered using fake information, such as John Doe with contact number 000-000-0000 - it doesn't matter, as none of that is validated.

Above that, you get Organization Validation, which contains 9 authorization checks.

At the top you get extended validation, which is what we now have and contains 16 authorization checks, including domain ownership, contact number, physical address, and registration with CIPC.

You can read a brief overview of the types of SSL here: GeoTrust | SSL Digital Certificate Authority | Encryption & Authentication


So what?
It is basically impossible for a scammer or fly-by-night to pass the extensive validations required.


How can I confirm this?
If you're using Chrome, click on the lock in the address bar to the left of the URL, then click Certificate (Valid). Under the details tab you will see Issuer: DigiCert SHA2 Extended Validation Server CA

In Firefox, click on the lock in the address bar to the left of the URL, then click Connection Secure, then More Information. In the popup that appears, click View Certificate and you will see Common Name: GeoTrust EV RSA CA 2018. Don't worry about the 2018 part, you'll see validity is from 12 October 2021 to 12 October 2022.

Alternatively, follow this link: DigiCert Secure - progenix.co.za


TL;DR?
We've been extensively, externally vetted as a legit organization :)
 
Lol only 16... I expect over 9000!

On a serious note, this is actually pretty serious, well done 🙂 very few people / organisations actually go through this effort, including a lot of "the big guys"

Cheers to you bud
 
  • Love
Reactions: Oj0
Lol only 16... I expect over 9000!

On a serious note, this is actually pretty serious, well done 🙂 very few people / organisations actually go through this effort, including a lot of "the big guys"

Cheers to you bud
I checked a bunch of local stores. I can find two that have done it. There are *very* big stores that haven't, including Incredible Connection.
 
Well of course, Incredible Connection wouldn't bother, because no one buys from them.
Well no-one with sense or cents.

Congrats . As a community we are very jealou... I mean proud of you !
 
As of 13 October 2021, our site uses an EV SSL certificate.


View attachment 60941



What does this mean?
Standard SSL certificates (including the free Let's Encrpyt ones, and those issued by CloudFlare for $5/month) work on Domain Validation, which requires nothing more than you to have access to (not even own) an email address on the domain in question. Your site could still be registered using fake information, such as John Doe with contact number 000-000-0000 - it doesn't matter, as none of that is validated.

Above that, you get Organization Validation, which contains 9 authorization checks.

At the top you get extended validation, which is what we now have and contains 16 authorization checks, including domain ownership, contact number, physical address, and registration with CIPC.

You can read a brief overview of the types of SSL here: GeoTrust | SSL Digital Certificate Authority | Encryption & Authentication


So what?
It is basically impossible for a scammer or fly-by-night to pass the extensive validations required.


How can I confirm this?
If you're using Chrome, click on the lock in the address bar to the left of the URL, then click Certificate (Valid). Under the details tab you will see Issuer: DigiCert SHA2 Extended Validation Server CA

In Firefox, click on the lock in the address bar to the left of the URL, then click Connection Secure, then More Information. In the popup that appears, click View Certificate and you will see Common Name: GeoTrust EV RSA CA 2018. Don't worry about the 2018 part, you'll see validity is from 12 October 2021 to 12 October 2022.

Alternatively, follow this link: DigiCert Secure - progenix.co.za


TL;DR?
We've been extensively, externally vetted as a legit organization :)
Is this just to make up for the reputational damage caused when the big boss made a thread titled "Progenix is dodgy"
 
I checked a bunch of local stores. I can find two that have done it. There are *very* big stores that haven't, including Incredible Connection.
Now that you're also "one of the big guys" your can now sponsor some stuffs for reviews? My 2 friends and 7 followers will know the only place to only buy their noctua fans and logitech peripherals will be PROGENIX! They'll be so jelly off my gear they'll have to buy it. That's how sponsorships work, yes? 🤣
 
Now that you're also "one of the big guys" your can now sponsor some stuffs for reviews? My 2 friends and 7 followers will know the only place to only buy their noctua fans and logitech peripherals will be PROGENIX! They'll be so jelly off my gear they'll have to buy it. That's how sponsorships work, yes? 🤣
Sure. I'm going to send you a sheet (one sheet) of A4 paper to review. Mind if I email it? Just print it on your side.
 
I just noticed that Carb is running a Cloudflare cert now. Validity from June 2021 so I'm guessing it was in effect before you switched to EV. Was there some issue with the EV cert that made you switch back? Or is something Cloudflare's doing hiding the EV cert?
Just my own opinion, but I echo Troy Hunt's sentiments regarding EV certs: they're not worth it, especially now that browsers have stopped showing that big green badge and it's nigh-invisible to the end user. He wrote a(nother) blog post about it here:
Extended Validation Certificates are (Really, Really) Dead
If only I could read (or delete my posts 😂)
This is Projenix, not Carb. Sorry for the noise.
FWIW EV probably makes more sense on a commerce site than a forum.
 
What’s scary is that I know what a SSL is, I think I’m growing up 😬 that moment when you start to understand the things you couldn’t as a kid…
 

Users who are viewing this thread

Latest posts

Back
Top Bottom