CertSimple 5: 'Doing Business As' support, instant rekeying, flat pricing

Getting closer to our goal

By Mike on 30th Jan 2017

CertSimple do EV HTTPS: the certificates that match a real-world business to a website. There are a number of other recent HTTPS innovations with their own focus: most people know Let's Encrypt (automated free DV certs), but there's also SSLMate (command line ordering and management), Expedited SSL (HTTPS for Heroku and other PaaSs), AWS Certificate Manager (integration with AWS), and soon Google Trust Services. They're all fantastic and deeply preferable to Symantec, Comodo or GoDaddy. If you'd like to prove a real company controls a website, that's our specialty.

The first version of CertSimple was announced on Hacker News in March 15 2015. Originally there were just two features: an EV-focused workflow that collected company details before payment, and instant creation of keys with a single paste, avoiding the openssl back-and-forth on Unix, or clicking through Certificate Manager on Windows.

In April 2015 we made our first major changes: adding live checking of government data in 63 countries, and started looking for inconsistencies between data sources before payment. We also built a QIIS engine that handles connection between customers and the various business directories used for EV verification, further speeding up our verification times.

In Nov 2015 we were the first company to do webcrypto based certificate creation, allowing customers to get on with the background checks without needing an engineer on hand to create the keypairs, started updating EV progress in realtime, and added scans of customer infrastructure to automatically determine the best place to terminate their HTTPS given their CDN / PaaS / IaaS / webserver.

In July 2016 we removed large chunks of our UI to speed up the application process. In September we switched to ECC as default working with our CA to provide a full ECC EV chain (and letting them know about some SCT bugs with the new intermediary they created in the process), providing both stronger and faster encryption - the latter being particularly relevant for mobile devices.

Making CertSimple feels like chiseling away at a large block, with a shape slowly emerging: enabling real companies to prove they control their web sites, nearly instantly.

We're not there yet, but sometimes hard things are worth doing.

We launched CertSimple version 5 earlier this month. Here's what's new:

'Doing Business As' support in relevant countries

CertSimple has previously focused on companies who get validated purely under their legal name, rather than a 'trading' or 'doing business as' name. If customers emailed us about Doing Business As names, we'd provide unofficial support, but this wasn't ideal for a number of reasons:

As of January 24, we now provide a dedicated EV HTTPS DBA UI for countries which support them.

If the customer chooses this option, this immediately:

Simpler viewing of domain names

As we get more larger customers, we're starting to have more with a large number of domain names. Alphabetical sorts don't work for DNS: au.company.com belongs after company.com not before. Additionally many customers want to immediately see if the 'www' variant of a name is included immediately after seeing the non-www variant. We've implemented heirarchical, www-normalised sorting of DNS names throughout our admin panel.

Instant rekeying

Rekeying is generally the most difficult part of certificate management - particularly for less technical users. CertSimple v5 allows customers to instantly generate keypairs in their browser, and rekey with them using webcrypto. If customers prefer, our instant-paste openssl and powershell scripts are still available too.

Flat pricing: no more 'single domain' / 'multi domain' orders

Most traditional HTTPS cert providers still in terms of 'single' and 'multidomain' certificates. But this hasn't been a real distinction in years: actual 'single domain' and 'multi domain' certificates no longer exist. Our entire pricing is flat now and many common cert combinations (eg, domain name, www and an additional name) are now cheaper as a result.

'Single' and 'multi' domain name certificates are the same thing. Removing the distinction makes pricing simpler, certs cheaper, and adding domain names easier.

We're already working on the next release of CertSimple.

As always, If you've got questions, ideas or feedback, here's my email address - Mike.

Mike MacCana, founder at CertSimple.

CertSimple makes EV HTTPS fast and painless.

An EV HTTPS certificate verifies the company behind your website. But getting verified is a slow painful process. CertSimple provides EV HTTPS certificates 40x faster than other vendors. We check your company registration, network details, physical address and flag common errors before you pay us, provide verification steps specific for your company, update in realtime during the process, and even check your infrastructure to help you set up HTTPS securely.
Verify your site now!