Select your language

Different validation processes

While domain-validated SSL certificates (including FreeSSL) are simply checked to see whether they have access to the respective domain name, Organization Validation (OV) certificates and SSL certificates with Extended Validation (EV) undergo a stringent validation and verification check.

For this reason, the processing time from the placing of the order to the issuing of these SSL certificates depends on whether the information submitted with the order is accurate and complete and how quickly the customer responds to requests for any further information.

The process from the order through to the final issuing of the SSL certificate differs depending on whether you order an Organization Validation or Extended Validation certificate.​

Validation process for Organization Validation (OV) SSL certificates

1. Organisation Authentication

The certificate issuer verifies the name, registration and good standing of the Organisation you listed in the CSR. It checks with the appropriate Government Registration Agency in the Organisation's country, state or (in some cases) city of jurisdiction. If you are a Sole proprietor and don't have a registered business name, the issuer may request additional documentation.
2. Domain Authentication
DNS, file or e-mail validation is used to check whether the corresponding domain belongs or may be used by the applicant.
3. Verification call

The certificate issuer calls your Organisational or Technical Contact (employer only) using a "third-party" public telephone listing for the Organisation within the country listed on the CSR. If the issuer is unable to reich either contact, a voicemail is left on the contact's personal voicemail or an E-Mail is sent with instructions on how to contact the issuer to complete the final verification.
4. Issueing of Certificate
Congratulations! The Organisational Validated Certificate will be issued!

Validation process for Extended Validation (EV) SSL certificates

1. Organisation Authentication

The certificate issuer verifies the name, registration, and good-standing status of the Organisation listed in the CSR. The issuer checks with the appropriate Government Registration Agency in its country, state or (in some cases) city of jurisdiction.
2. Operational Existence

The certificate issuer verifies that the enrolling Organisation has the ability to engage in business. Operational Existence is satisfied if the Organisation has been registered and in existence for over 3 years. If your business is less than 3 years old, the issuer may request alternative documentation.
3. Address Verification

The certificate issuer checks the physical business address listed on a certificate enrollment. This must be a physical address and not a P.O. Box, Lock Box, or care of address.
4. Telephone Verification

The certificate issuer looks up your telephone number using a "thirs-party" public listing for the Organisation at the verified address.
5. Domain Authentication
DNS, file or e-mail validation is used to check whether the corresponding domain belongs or may be used by the applicant.
6. Confirmation of Employment

The Organisational Contact must be verified to work for the Organisation requesting the certificate AND be authorised to get an EV Certificate for the Organisation.
Note: Contractors or temporary staff are not allowed to obtain EV Certificates.
7. Verification call

The certificate issuer calls your Organisational Contact (employees only) using a "third-party" public telephone listing for the Organisation within the country listed on the CSR. If the issuer is unable to reach the contact, a voicemail is left on the contact's personal voicemail or an E-Mail is sent with instructions on how to contact the issuer to complete the final verification.
8. Issueing of Certificate
Congratulations! The Extended Validation Certificate will be issued!
Please use this form only to provide feedback on the above guide.
For support requests please use this form instead.

 

 

© 2001 - Hostpoint AG