When requesting an SSL certificate, you will need to prove that you have the rights to use that domain. The level of checks done depend on which type of certificate you choose.
This is the highest level of authentication available with an SSL Certificate. The CA/Browser Forum, a consortium of Certificate Authorities and Browser manufacturers, developed this category of Web site authentication as an industry-wide standard. In order to be authorized to issue EV SSL Certificates, a CA must pass regular third-party audits confirming that it meets the requirements set out in this standard for validating the identity of certificate requesters. More information on the CA/Browser Forum and the EV standard is available at http://www.cabforum.org/. The CA requires a signed acknowledgement of agreement from the corporate contact listed on any order for an EV SSL Certificate. A company registration document may also be required if the we are unable to confirm the organizationís details through a government database. A legal opinion letter may also be requested to confirm the following details about the organization applying for the Extended Validation SSL Certificate:
- Physical address of place of operation
- Telephone number
- Confirmation of exclusive right to use the domain
- Additional confirmation of the organizationís existence (if less than 3 years old), and verification of the corporate contactís employment.
These are the standard methods of identity verification used to validate organizations for EV SSL Certificates, however, documentation requirements may vary depending on the information available on various approved online databases
This is a high assurance level of authentication. SSL Certificates with this level of authentication require verification of an organizationís existence through a government issued business credential. Usually the CA will get this independent verification by searching one of many government or private databases to which they have access. If they cannot find "proof of right" to do business in the stated name for a certificate requester, a copy of one of the following items may be requested:
- Articles of Incorporation
- Business License
- Certificate of Formation
- Doing Business As
- Registration of Trade Name
- Charter Documents
- Partnership Papers
- Fictitious Name Statement
- Vendor/Reseller/Merchant License
- Merchant certificate
- US Tax Licenses for non-profit organizations and sole proprietorships (in either case the state tax documents must list the organization as non-profit or sole proprietor)
Many CAs offer domain authenticated SSL Certificates. These lower assurance certificates are appropriate for organizations concerned primarily with encryption. Domain authenticated certificates are the lowest form of authentication available. An entity requesting a domain authenticated certificate will go through a process to help verify that they either own the domain requested or that they have the right to use that domain name. Additionally we will verify that the email address for the contact requesting the certificate is either listed in the WHOIS directory or meets the CA's predetermined email alias requirements.