Overview

SSL certificates represent the underpinnings of trust in most Web and Internet transactions. As such, there is great responsibility for globally trusted certificate authorities like SSL.com to perform accurate but timely validation checks so that legitimate entities can continue to operate in a secure and trusted manner.

Validation Types

Depending on which SSL.com certificate is issued, different validation requirements need to be met in order for all parties to maintain strict adherence to SSL.com’s Certification Practices Statement. At minimum, the customer (or subscriber) will be required to validate domain control by responding to an email sent to a predetermined email address. The customer purchasing the SSL.com certificate may be required to submit validation artifacts and documents attesting to the ownership of or authorization to represent the original entity who registered the domain name listed as the subject in the ssl certificate.

Domain Control Validation

applies to certificates

Free SSL

validation level

minimal

description

An email from SSL.com Validation Services is sent to a predetermined email address associated with the domain name represented by the ssl certificate. A user with access to the email address then clicks on a link embedded within the email. This will confirm that the customer or authorized party has control of the domain name.

Click here to learn what email address choices can be used, as well as more details on SSL.com’s DV validation requirements.

Organization Validation

applies to certificates

Multi-subdomain Wildcard SSL, Multi-domain UCC SSL

validation level

high assurance

description

To supplement domain control validation, high assurance validation utilizes supporting documentation to provide additional assurance that the customer owns or is authorized to represent the organization listed as the owner of the domain. The documents can be submitted through each SSL.com certificate’s order page or through the the SSL.com RESTful API. The accepted documents are as follows:

• Articles of Association
• Business License
• Certificate of Compliance
• Certificate of Incorporation
• Certificate of Authority to Transact Business
• Tax Certification
• Corporate Charter
• Official letter from an authorized representative of a government organization
• Official letter from office of Dean or Principal (for Educational Institutions)

Extended Validation

applies to certificates

Enterprise EV SSL, Enterprise EV Multi-domain UCC SSL

validation level

highest standard

description

Extended validation ssl certificate represent the highest in security standards for SSL.com. EV SSL certificates that have gone through the extended validation progress display the browser address bar with a green background. In addition to using domain control and organization validation, extended validation requires that an authorized signer submit a completed EV SSL request form which can be found below:

EV Authorization Form (click here to download form)