Web Analytics

SSL/TLS Validation Requirements

SSL/TLS Validation Requirements

Expedite Issuance while Maintaining SSL.com Certificate Compliance

Overview

SSL certificates represent the underpinnings of trust in most Web and Internet transactions. As such, there is great responsibility for globally trusted certificate authorities like SSL.com to perform accurate but timely validation checks so that legitimate entities can continue to operate in a secure and trusted manner.

Validation Types

Depending on which SSL.com certificate is issued, different validation requirements need to be met in order for all parties to maintain strict adherence to SSL.com’s Certification Practices Statement. At minimum, the customer (or subscriber) will be required to validate domain control by responding to an email sent to a predetermined email address. The customer purchasing the SSL.com certificate may be required to submit validation artifacts and documents attesting to the ownership of or authorization to represent the original entity who registered the domain name listed as the subject in the ssl certificate.

Domain Control Validation
applies to certificates
Free SSL
validation level
minimal
description
An email from SSL.com Validation Services is sent to a predetermined email address associated with the domain name represented by the ssl certificate. A user with access to the email address then clicks on a link embedded within the email. This will confirm that the customer or authorized party has control of the domain name.
Click here to learn what email address choices can be used, as well as more details on SSL.com’s DV validation requirements.
Organization Validation
applies to certificates
Multi-subdomain Wildcard SSL, Multi-domain UCC SSL
validation level
high assurance
description

To supplement domain control validation, high assurance validation utilizes supporting documentation to provide additional assurance that the customer owns or is authorized to represent the organization listed as the owner of the domain. The documents can be submitted through each SSL.com certificate’s order page or through the the SSL.com RESTful API. The accepted documents are as follows:

  • Articles of Association
  • Business License
  • Certificate of Compliance
  • Certificate of Incorporation
  • Certificate of Authority to Transact Business
  • Tax Certification
  • Corporate Charter
  • Official letter from an authorized representative of a government organization
  • Official letter from office of Dean or Principal (for Educational Institutions)
Extended Validation
applies to certificates
Enterprise EV SSL, Enterprise EV Multi-domain UCC SSL
validation level
highest standard
description
Extended validation ssl certificate represent the highest in security standards for SSL.com. EV SSL certificates that have gone through the extended validation progress display the browser address bar with a green background. In addition to using domain control and organization validation, extended validation requires that an authorized signer submit a completed EV SSL request form which can be found below:
EV Authorization Form (click here to download form)

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.