Chrome 96 - How to tell if a website is using an EV SSL certificate?

google-chrome certificate ssl ssl-certificate

EV certificates have a specific policy OID in their "Certificate Policies" extension.

These policy OIDs vary by CA (e.g. for Entrust it's 2.16.840.1.114028.10.1.2, meanwhile for DigiCert it's 2.16.840.1.114412.2.1) as they reference policy documents published by each issuing CA. There is a common "CA/B Forum EV Guidelines" policy OID 2.23.140.1.1 which may be used alongside or in addition to CA-specific policies, but it's not actually guaranteed to be present.

As CAs must be pre-approved to issue EV certificates, browsers recognize them by having a list of specific CAs and their respective policy OIDs; for example, here's the Firefox list.

Your website's certificate has both the 2.16.840.1.114028.10.1.2 (Entrust) and 2.23.140.1.1 (CA/B Forum) EV policy OIDs, and its issuer is at least in Mozilla's EV-approved CA list, making it an EV certificate.

(As an additional hint, an EV certificate's "Subject" field will typically include very detailed information about the subject, such as the serialNumber= and businessCategory= fields. This doesn't automatically indicate it's an EV certificate, but is rarely if ever seen for non-EV certs.)

Related

Pipe STDOUT to an image?
get mplayer to start with a default volume other than 25%
How to install an old Logitech QuickCam 4000 on Windows 10
Windows 10 Powershell tree command, how to show files
Can't access encrypted files after reboot on Windows 10
xfdesktop error after inactivity "None of the screen lock tools ran successfully, the screen will not be locked"
Can hide Terminator but can't show it again?
Postfix warning: hostname [unknown host] does not resolve to address [unknown ip]
Last Logon Time of All Users - RDP server not on a domain
SQL Server 2000 daily backup, need advice
How to close an open relay in Postfix?
Issue creating Exchange 2013 Default Profile using Office Customization Tool