How do I get my site verified such that it shows a green box in Chrome's address bar?

The 'green box' in the Chrome address bar isn't anything to do with verification by Google - as Stephen alluded to in the comments on your question, it's an indication that your site has an Extended Verification (EV) security certificate.

The 'green box'

This is generally a 'premium' SSL product offered by many SSL certificate providers. To get one of these certificates, the best place to start is usually your web host, who can handle the entire process of generating a certificate signing request, purchasing the certificate for you, and installing it. It is sometimes possible to do this yourself through your web hosting control panel, but you'll need to know your way around it to do this.

If you do decide to go down the route of doing it yourself, most trusted certificate providers should be able to provide you with an EV certificate. These include companies such as Comodo, Thawte, Verisign and many others. Typically they also provide instructions for setup on popular hosting control panels.


As Tim Malone said, this is a special type of SSL certificate that is usually sold at a premium by certificate authorities. The going rate is usually at least a couple of hundred dollars.

What Tim did not mention, and part of the reason for the elevated price, is that there is a certain amount of paperwork involved that has to be submitted to and checked by the CA that you are purchasing the certificate from. This paperwork usually includes verifying that the business requesting the certificate is duly registered with the state or country, getting an executive from the company to sign off on the request, and possibly other things. Unlike other certificates, you can't just purchase it, do a five-minute automated verification, and have the certificate installed within a few hours at most. These certificates are called "Extended Validation" for a reason - everything must be checked to make sure that the person requesting the certificate works for the company they are requesting it for and has the authority to be requesting it.


I think this question deserves a bit more background... There's different types of SSL/TLS certificates that can be issued by a Certificate Authority (CA), who basically acts like a notary, certifying that the domain you're accessing, is really the real site, and you're accessing it securely.

When you access a site that uses HTTPS, the site's server will send its SSL/TLS certificate and which the browser will check. A "Green lock" showing up means the site's certificate is valid, (signed by a CA), and the entire contents of the page and the connection is encrypted. A green lock tells that you are actually connected to the actual real server used by that domain.

The other type of "green lock" has the name of the business entity, and is an Extended Validation (EV) SSL/TLS certificate that is valid. Only businesses can apply for EV certificates, and these involve a more thorough issuing process by a Certificate Authority (CA) who basically really makes sure that the site google.com is actually owned by Google, Inc.

See the difference between the two: enter image description here

Often, static websites that aren't very complex, or don't store passwords, or sensitive info don't really need (but are highly encouraged) to encrypt their traffic using HTTPS and SSL certificates. As stated in that question, using HTTPS doesn't just secure the connection, but also provides authenticity which is important even for simple static sites.

For personal websites, you can get a regular DV (Domain Validation) SSL/TLS certificate. The way to do this depends on where your site is hosted, but the gist of it is you need to create a private key (2048-bit please) and with it create a Certificate Signing Request (domainame.csr) file to send to a CA to issue/sign you a certificate. After you have the CA-signed public certificate, and your private key, you tell your web server where they are, and to use SSL/TSL, the details vary depending your setup.

You can use startssl.com, to get a regular SSL certificate for free, btw. HTH

Tags:

Https

Web Hosting

Domains

Security Certificate

Related

.htaccess how to redirect the contents of a directory to a subdirectory What's the difference between "landing page" and "starting page" in Behaviour Flow? Does text-shadow CSS affect SEO ranking by risking a cloaking penalty? Why create a fake duplicate / clone website? Can keywords in the URL path be separated by commas for Google? How does smart DNS proxy work? What are the friendly/rich URLs in Google Search result snippets called? How can I use robots.txt to disallow subdomain only? BlogPosting Publisher Logo 'logo.itemtype has an invalid value' on Google Structured Data Testing Tool Does server location and geo location based on IP impact SEO? Speed comparison - absolute vs relative path links How to get social profile links to show up in a business listing aka "Knowledge Graph" on the right of the Google search results?

Recent Posts