GLOBALTRUST® SERVER identifies the legitimate operator of a server and enables encrypted data transmission. The extra strict organizational and identity checks give fraudulent websites of fake companies no chance of certification. Users automatically consider non-certified sites to be dubious. Internet browsers mark unencrypted pages as “not secure”. Consequently, search engines rank certified pages first. GLOBALTRUST® SERVER also offers an upgrade to EU-qualified security – a future-proof alternative to US offers, and that at sensational conditions.
SERVER EV QUALIFIED
with extended Validation (QWAC)
SERVER OV WILDCARD
Server Certificate, organizational Validation,
Make your web presence even more trustworthy!
GLOBALTRUST® offers all high-quality types of server certificates (SSL certificates) – eIDAS-qualified (QWAC), Extended Validated (EV), Organisation Validated (OV), for payment service providers as PSD2 variant. Depending on the number of servers operated, single or multi-domain certificates can be issued or an unlimited number of sub-domains can be covered by wildcard (OV WILDCARD). GLOBALTRUST® only supports algorithms that are considered reliable according to the state of the art. Web sites with server certificates are not only reputable and authentic, but are also ranked significantly higher by the leading search engines in return.
A few reasons for choosing GLOBALTRUST® SERVER….
- The use of qualified certificates will significantly improve your ranking in search engine results
- Particularly accurate verification of company data according to internationally recognised quality criteria
- The GLOBALTRUST® team solves every requirement and special request, no matter how complex
- GLOBALTRUST SERVER is compliant with all EU regulations, including the Payment Services Directive (“PSD2”) for financial service providers and therefore a future-proof alternative to US providers
- Avoid liability traps according to GDPR due to data leakage – encryption using the latest algorithms is considered a “particularly suitable means” of preventing data misuse
- In many areas encryption is an absolute “must-have”: health data, credit card data, e-mail, financial data,…
Which variant is the right one?
Depending on the scope of validation and the desired information in the certificate, GLOBALTRUST® offers different quality levels:
- GLOBALTRUST® SERVER OV:
The standard variant for businesses shows the verified organization name
- GLOBALTRUST® SERVER EV:
These certificates are considered particularly trustworthy and are ranked first in search engines. Browsers display the address bar or part of it in green on HTTPS pages with so-called “Extended Validation” (EV) certificates and provide additional information about the issuer. There is a particularly strict check of the organizational registration and applicant identity. In addition to the company or authority name, the company registration number or a comparable number, business category and a reference to the legal system at the company’s headquarters are entered. Optionally, the legally binding company address including zip code can also be included. Banks, insurance companies and public authorities have been relying on them for years. Currently they are increasingly used by online stores and eCommerce providers and replace the often questionable “quality seals” and store ratings.
- GLOBALTRUST SERVER QUALIFIED:
The expert variant for maximum trust: in addition to the strict EV criteria, an eIDAS-compliant review of the applicant is carried out. The certificate is – in addition to the EV information – also shown as an EU qualified certificate for website authentication (QWAC).
- GLOBALTRUST SERVER PSD 2:
eIDAS-compliant special variant can be used for open banking solutions by the special entries of licensed payment service providers.
How many domain names can be certified?
- Single domain: Secures one domain name or IP address. GLOBALTRUST® also provides www.example.com and mail.example.com free of charge upon customer request in addition to example.com.
- Multi-Domain: Secures example1.com, example2.com… Up to 250 domain names can be entered here.
- Wildcard: The special entry *.example.com certifies an unlimited number of subdomains – the base domain example.com will be added free of charge.
Legal prerequisites for a GLOBALTRUST SERVER certificate
With a few exceptions, anyone who operates a server can apply for a GLOBALTRUST SERVER certificate.
- Extended Validated (EV) and qualified certificates cannot be issued to unregistered businesses or to private individuals.
- PSD-2 certificates are reserved for payment service providers that are licensed by the Austrian Finanzmarktaufsicht or a corresponding national supervisory authority within the EU. (see ETSI 119 495 for guidance)
Technical prerequisites for a GLOBALTRUST SERVER certificates
To use a GLOBALTRUST SERVER Certificate, the server software used must support the SSL or TLS cryptographic methods. Apache and Microsoft Internet Information Server (MS IIS) and most other systems support these cryptographic methods, so a GLOBALTRUST SERVER Certificate can be used.
Mandatory: The applicant must generate a CSR themselves. The minimum key length is 2048, the key algorithm is RSA. For information on how to generate the CSR, please refer to the relevant documentation of the server application (application software). GLOBALTRUST® will check the CSR for compliance with the applicable legislation and recommendations.
Technical data overview
- Interoperability through conformity with X509v3 and RFC 5280
- worldwide verifiability of the certificate in audit-proof log servers according to Google’s and Apple’s Certificate Transparency Policy compliant with RFC 6962
- future-proof encryption with RSA 4096 or ECDSA secp256r1
- future-proof hash procedures: SHA-256, SHA-512, RIPE-MD160 or higher
- highly available status service via CRL and OCSP
- Installation instructions for the most important server programs, like Apache, NginX, IIS, openresty, MS-Exchange, Postfix, qmail, …
- ongoing implementation of browser requirements
- from 36,- EUR per year
- Validity: 1 year,
- For example.com, www.example.com and mail.example.com will be added free of charge
- In case of a change of provider, the overlapping term is free of charge
- special conditions for resellers and distributors