- Joined
- Apr 26, 2010
- Messages
- 31,214
- Reaction score
- 13,826
- Points
- 25,965
- Age
- 34
- Location
- Norkem Park, Gauteng
As of 13 October 2021, our site uses an EV SSL certificate.
What does this mean?
Standard SSL certificates (including the free Let's Encrpyt ones, and those issued by CloudFlare for $5/month) work on Domain Validation, which requires nothing more than you to have access to (not even own) an email address on the domain in question. Your site could still be registered using fake information, such as John Doe with contact number 000-000-0000 - it doesn't matter, as none of that is validated.
Above that, you get Organization Validation, which contains 9 authorization checks.
At the top you get extended validation, which is what we now have and contains 16 authorization checks, including domain ownership, contact number, physical address, and registration with CIPC.
You can read a brief overview of the types of SSL here: GeoTrust | SSL Digital Certificate Authority | Encryption & Authentication
So what?
It is basically impossible for a scammer or fly-by-night to pass the extensive validations required.
How can I confirm this?
If you're using Chrome, click on the lock in the address bar to the left of the URL, then click Certificate (Valid). Under the details tab you will see Issuer: DigiCert SHA2 Extended Validation Server CA
In Firefox, click on the lock in the address bar to the left of the URL, then click Connection Secure, then More Information. In the popup that appears, click View Certificate and you will see Common Name: GeoTrust EV RSA CA 2018. Don't worry about the 2018 part, you'll see validity is from 12 October 2021 to 12 October 2022.
Alternatively, follow this link: DigiCert Secure - progenix.co.za
TL;DR?
We've been extensively, externally vetted as a legit organization