Hello – I’m just learning about the different types of SSL certificates. Our application needs to have an Organization Validation (OV) or Extended Validation (EV) certificate at least. However, (I think) the SSL certificate that is automatically generated by Galaxy is a simple Domain Validation (DV). Can anybody who went through the same process to obtain an OV or EV certificate explain how they did it?
Did not get a custom certificate, but Galaxy uses Let’s Encrypt. If you need something custom, you usually have to buy it from a certificate authority, then you can upload that certificate in the Galaxy domain settings.
Hi @belfigue, what’s your use case for the OV/EV certificate? If you can explain more about it you may be able to receive more useful advice.
Hi @AdrianL – our app needs to access users’ data stored at a third-party app. The authorization process is hosted on the third-party app. This third-party app checks our SSL certificate (among other things) as a way to display “verifiable” information about our app, which in turn improves the users’ trust and increases the likelihood that they will choose to give us access to their data. From their documentation, they accept both OV and EV certificates.
Thanks for the explanation. Based on our experience obtaining a slightly different certificate but for a similar “trust” use case, I think whichever provider you choose will be able to guide you on the purchase process.
Once you have your certificate, it is very simple to upload it to Galaxy. When you set up your domain in Galaxy you can select “Use Custom Certificate” and then upload your key and cert. You can also replace an existing Let’s Encrypt cert with your own custom one if you already have the domain set up. At least that’s how it is for our “Professional” account, not sure if the lower tiers work the same.