Why do some websites show the company name next to the URL?
Solution 1
This is only for websites that use Extended Validation SSL encryption. The name is the name the certificate is issued to. It is a security feature put in place to verify that the website is actually served by the company it claims to be from. Simply put, it works like this:
- Company X decides it wants to secure (e.g. by encryption) communications with the website and the one who requests it.
- Company X asks a trusted third party to verify the owner and to issue a digital certificate.
- The third party checks the applicant and then issues a certificate, vouching for the identity of the website. So you know Github is actually Github, and not some malicious website.
- Your browser sees that Company X uses EV SSL-encryption and queries the certificate. This shows to be issued by a trusted third party to Company X. Your browser then displays the name of the company the certificate was issued to. If it is the same, it will turn green (like in your screen shot) if it does not, the browser will warn you that the website might not be the website it says to be and turn red.
You need a couple of things to set this up, most notably:
- An EV SSL certificate (Like from Godaddy, but there are many more issuers out there. Google this for yourself.)
- A host that supports the use of SSL (inquire with your host on how to set this up for your domain)
Certificates generally don't come cheap, and it is really a matter of whether you really need it. Admittedly, it looks cool, but it might be unnecessary for you.
You can find more detailed information about this from other sources, like its Wikipedia page.
Solution 2
That's a result of using an Extended Validation certificate - extended validation, or EV certificates require additional validation before the certificate is issued. The idea is that there is better proof that the company really is applying for the certificate, so you should be able to have some more confidence that you really are talking to who you think you are.
Related videos on Youtube
07 : 02
01 : 21
02 : 23
02 : 01
03 : 58
William Entriken
Lead author of ERC-721. Personal website and contact information: https://phor.net Promoting two open source projects: https://github.com/fulldecent/web-puc - A script to validate you are using the latest JQuery, Bootstrap, Font Awesome versions in your favorite PHP or other web front-end (compatible with Travis CI) https://fulldecent.github.io/cameralife/ - Mature LAMP project for displaying large photo collections on the web (i.e. your life work)
Updated on September 18, 2022Comments
-
William Entriken over 1 year
Some websites show the company name next to the URL (in Chrome) and some don't.
How do I set this up for my website? Is there a reason why or why I wouldn't want to do this?
-
billc.cn about 11 yearsThe acls.net certificate will also contain the name of the company if you look in the subject field of the certificate. It's just a commercial trick to not show it in the address bar with the green background. Extended validation validates nothing more than the websites abilities to pay money to those greedy certificate authorities.
-
-
cpast about 11 yearsWhat, exactly, does the browser check? I thought all it checked was that the certificate presented was issued by a trusted CA, and that it matches the URL you typed in. I thought the company name was so that the user could check that it's who they expect.
-
Pylsa about 11 years@cpast It does match the domain to the domain on the certificate. However, because the certificate is approved, the name on the certificate will also be ok. The company name is purely informative for the user. However, since the OP doesn't seem to have extensive knowledge about certificates, I quite simplified the process description to be more descriptive than technical.
-
MarmiK about 11 yearsIt checks user credentials/after installing certificates and matches it with servers in mutual handshake. TO justify the user authenticity/ as well as on client side justify the server authenticity. For Example: change date and time to older in your PC and try yo log in to gmail, or Gtalk. you will see what happens :)
-
William Entriken about 11 yearsGreat, thank you. Just for reference, normal SSL is $70/yr with GoDaddy and EV SSL is $100/yr. I'm sure other options are cheaper. The extra branding alone makes this valuable for my business.
-
Pylsa about 11 years@FullDecent You're very welcome!
-
Pacerier over 10 years@BloodPhilia, hmm do you happen to know why Google and Facebook don't use EV but simply use a basic padlock?
-
Pylsa over 10 years@Pacerier Probably because it really doesn't add a lot of value security wise.
-
Pacerier over 10 years@BloodPhilia, but surely it doesn't cost alot as well. With their revenue, it's practically free. So why do you reckon Google and Facebook don't use EV even when it is free?
-
Pylsa over 10 years@Pacerier There are plenty of arguments against EV-SSL you can find if you google it. Not the least one is the issue of incompatibility with older/low-end devices and software.
-
Arnold Roa over 7 yearsSo, we have the normal certificate, the green certificate and the green EV?
-
Arnold Roa over 7 yearsBut if i bought a normal certificate (DV) it will turn the green bar?
-
Tina almost 5 yearsDoes anyone know why sometimes the company name disappears? Mostly when in my CMS I add a title for the page? -
Chris Qiang almost 3 years@ArnoldRoa Normal Certificate can be self-sign, meaning you sign the certificate yourself. Green Certificate means certificate that are has been audited, and trusted by CA Root Program (e.g Mozilla CA Program, Microsoft Trusted Root Program, etc...) and Green EV means the one (meaning, you) that ask for a certificate get validated with extra steps (EV = Extended Validation); thus increase the trustability of the issued certificate.
