Extended Validation SSL Issuance Requirements
Extended Validation SSL achieves the highest level of consumer trust through the strictest authentication standards of any SSL certificate. Extended Validation verification guidelines require Certificate Authorities to obtain and verify multiple pieces of identifying information about Extended Validation Certificate Approver.
To ensure your SSL Certificate request is processed quickly, you will be required to provide the authentication documents described below.
Steps to Obtain EV Authentication
- Complete the online enrollment process to obtain an ID.
- The Organization's approver (identified in the EV certificate order) must sign and submit the appropriate Acknowledgement of Agreement form ( often a PDF form)
- Following receipt of the AA form, the following authentication requirements will be carried out to ensure your order can be expediently processed:
A. Organization Authentication Requirements
The following entities are eligible to receive an EV Certificate provided they are currently registered with and approved by an official registration agency in their jurisdiction. The resulting charter, certificate, license or equivalent must be verifiable through that registration agency.
- Government agencies
- Corporations
- General partnerships
- Unincorporated associations
- Sole proprietorships
The certificate authority must be able to confirm all of the following organizational registration requirements:
- Official government agency records must include:
- The organization's registration number.
- The organization's date of registration/incorporation.
- The organization's registered address (or the address of the organization's registered agent).
- A non-government data source (such as Dun & Bradstreet) must include the organization's place of business address if it is not included in the Government agency records
- If the organization has been registered for less than three years, the certificate authority must verify operational existence through one of the following means:
- Through a non-government data source (such as Dun & Bradstreet)
- or - - By verifying the organization has an active demand deposit account (such as a checking account) with a regulated financial institution through a Lawyer's Opinion Letter or directly with the financial institution.
B. Domain Authentication Requirements
To qualify for an Extended Validation SSL Certificate, domain registration details must reflect the full Organization name as included in the certificate request. Where domain registration does not reflect the organization name as identified in the certificate request, positive confirmation of the Organization's exclusive right to use the domain name is required from the registered domain administrator or with a Lawyer Opinion Letter.
The domain must be registered with ICANN or IANA registrar (for CCTLDs). Domain registration details must be updated to reflect the organization name as included on the certificate request.
- Where domain registration is private, the domain registrar is required to unblock the privacy feature.
- The Organization's certificate approver must confirm knowledge of the organization's domain ownership during the verification call.
C. Organization's Certificate Approver Authentication Requirements
To qualify for an Extended Validation SSL Certificate, the Certificate Approver identified in the certificate request must be employed by the requesting organization and have appropriate authority to obtain and delegate Extended Validation certificate responsibilities.
Notes:
- Employment and authorization cannot be verified through the organization's website. If the Certificate Approver identified in the certificate request is listed in government records as a corporate officer (such as Secretary, President, CEO, CFO, COO, CIO, CSO, Director, or equivalent), then organizational contact employment and authorization can be approved without verifying this information as described below.
The certificate authority must be able to confirm all of the following Certificate Approver requirements:
- Certificate Approver's identity, title, and employment through an independent source.
- Certificate Approver is authorized to obtain and approve EV certificates on behalf of the Organization. This can be verified through one of the following methods:
- A Lawyer's Opinion Letter
- A Corporate Resolution
- Directly contacting the CEO, COO, or similar executive at the organization and confirming the authority of the organizational contact. If no public records are available regarding the CEO, COO, or other executive, the certificate authority will attempt to contact the organization's Human Resources department for contact details.
D. Order Verification Requirements
The Certificate Authority must verify the certificate request and all certificate details with the Certificate Approver identified in the certificate request. The Certificate Authority must contact the Certificate Approver using an independently-verified telephone number.
This telephone number is obtained through one of the following methods:
- By researching qualified telephone databases to find a telephone number. Ensure your organization's primary telephone number is listed in a public telephone directory.
- As provided in a Lawyer's Opinion Letter.
- As confirmed during a site visit conducted by the Certificate Authority
During the verification call, the Certificate Authority must verify the following with the Certificate Approver:
- The name of the Certificate Requestor identified in the certificate request and his or her authority to obtain the Extended Validation certificate on behalf of the organization.
- Knowledge of the company's ownership and right to use the domain identified in the certificate request.
- Approval of the Extended Validation SSL Certificate request.
- Acknowledgement of signature of the Certificate Authority SSL Certificate Subscriber Agreement that includes all Extended Validation terms and conditions.
E. Additional Verification requirements
If the Certificate Authority is unable to verify any of the required information on your certificate application, we may request you to provide a Professional opinion from a lawyer or accountant to verify the information.
GeoTrust True BusinessID with EV Only Extended Validation SSL Certificates trigger the green bar in high-security web browsers.
|
|
||||||
GeoTrust True BusinessID Multi-Domain EV
With a GeoTrust True BusinessID Multi-Domain with EV certificate, you can add, edit, or delete up to 25 domain names over the lifetime of the certificate and get the aded protection of Extended Validation. EV SSL Certificates trigger the 'green bar' in high-security web browsers. Add, edit or delete any additional domain names to the Subject Alt Name (SAN) field during the enrollment process or at anytime during the lifecycle of the certificate. Designed for Microsoft Exchange or Microsoft Communications Servers, this Unified Communications Certificate is also ideal for shared hosting environments, QA testing environments, and small businesses with multiple business applications to secure on a single server. |
|
Thawte SSL Web Server Certificates with EV Only Extended Validation SSL Certificates trigger the green bar in high-security web browsers. Thawte SSL Web Server Certificates with EV enable the most visible security indicator: the green address bar in high-security browsers, assuring users that your site is secure and your identity has been authenticated to the industry's highest standard. When customers see the green address bar and the Thawte Trusted Site Seal, they gain the confidence to complete their transaction. SSL Web Server Certificates with EV include Extended Validation, the Thawte Trusted Site Seal, free reissues, and a 30-day money back guarantee. |
|
Digicert Secure Site with EV SSL Certificates protect the transfer of sensitive data on websites, intranets, and extranets using a minimum of 40-bit and up to 256-bit encryption (the highest that each individual browser will allow). The Digicert Secure Site Pro EV SSL Certificate includes a $100,000 warranty and the Norton Secured Seal. |
|
||||
Digicert Secure Site Pro With EV
Digicert Secure Site Pro with EV SSL Certificate provides minimum of 128-bit and up to 256-bit encryption and more than 99% browser recognition. Digicert Secure Site Pro with EV SSL Certificate is enabled by Server Gated Cryptography to help ensure strong encryption to site visitors. Includes $1,750,000 warranty and the Digicert Secured Seal. Extended Validation triggers the display of the green address bar in the latest high-security browsers, and True 128-bit SSL Certificates enable every site visitor to experience the strongest SSL encryption available to them. ALL Digicert Secure Site Pro EV SSL Certificates include ECC Algorithm Support. Elliptic Curve Cryptography (ECC) creates encryption keys based on the idea of using points on a curve to define the public/private key pair. It is difficult to break using the brute force methods often employed by hackers and offers a faster solution with less computing power than RSA encryption. |
|
EV SSL Certificates
SSL Certificates
- Digicert Secure Site
- Digicert Secure Site Pro
- Digicert Secure Site EV SSL
- Digicert Secure Site Pro EV SSL
- Digicert Wildcard Certificate
- Digicert SAN SSL Certificates
- Digicert Algorithm Agility
- Compare Digicert SSL Certificates
- Thawte SSL123 Certificate
- Thawte SSL Web Server Certificate
- Thawte SSL Web Server Wildcard
- Thawte SSL Web Server EV SSL
- Thawte SAN Certificates
- Compare Thawte SSL Certificates