Getting Your SSL Certificate Issued
A trust hierarchy demands that entities "vouch" for each other. Companies that issue SSL Certificates are in the business of establishing that entities on the internet are, in fact, who they claim to be.
The potential for criminal activity on the internet (in relevance to SSL), is in the online hijacking of websites or connections to syphon encrypted data. Persons so inclined can easily copy website interfaces and pose as well known vendors, simply to collect data. The use of an SSL Certificate prevents this from occurring because we will only issue an SSL Certificate to a legitimate entity.
There are new, low cost alternatives in which SSL Certificates can now be issued quickly. These SSL Certificates verify that the holder is the owner of that domain, ensuring customers that the owner of the SSL Certificate is who they claim to be.
We use various validation procedures, such as real-time automated e-mail verification. Domain Validated SSL Certificates are validated and usually issued in real-time using the automated "Approver E-Mail" verification system.
Domain Validation (DV) Requirements
Domain Validated SSL Certificate products are authenticated using the Approver E-Mail verification system. Orders for major corporations, well known trademarks and financial institutions may be queued for further security reviews prior to issuance.
In the event an order is queued for review the administrative contact must be a full time employee of the company for successful issuance. A verification telephone call with the administrative contact may be required.
Approver E-Mail Verification System
When choosing to purchase a Domain Validated SSL Certificate an approver will be chosen during the ordering process. We will send an Approver E-Mail to the designated approver. The following generic e-mail addresses are currently able to be used :
The above addresses are generic addresses. Applicants must choose a generic address to prove that they administer the domain name purchasing the SSL Certificate. If we are able to retrieve the contact e-mail address from the WHOIS database it can also be used.
If during the ordering process we are unable to retrieve the contact e-mail address from the WHOIS database, please proceed by choosing a generic address and then Contact Us as it may be possible for us to manually update the order with the contact e-mail address from the WHOIS database.
Organization Validation (OV) Requirements
Organization Validated SSL Certificate products assist with consumer confidence as they require strict authentication and include an organization name within the SSL Certificate.
During the ordering process you must ensure the organization you specify is an active entity and can be confirmed by the government authority responsible for registering entity within the specific jurisdiction.
An exact match between the organization name specified during the order process and the government authority is required.
Extended Validation (EV) Requirements
Extended Validation SSL Certificates achieve the highest level of consumer trust through the strictest authentication standards of any SSL Certificate. Extended Validation verification guidelines require us to obtain and verify multiple pieces of identifying information.
To ensure your SSL Certificate request is processed quickly, you will be required to provide authentication documents. More Information
Manual Verification For OV & EV
Organizational Validated (OV) and Extended Validated (EV) products require manual verification. When a product requires manual verification certain requirements must be met and will be stated within the product information pages.
Sample documents that may be required to support the SSL Certificate application are :
» Articles Of Incorporation
» Fictitious Name / Doing Business As Document
» Business Licensing
» Bank Statement
» Merchant Account Statement
» Utility & Telephone Bills
The administrative contact of the order will be contacted for further information if documentation is required.
A verification telephone call with the administrative contact will usually be required before issuance. The telephone number must be publically listed in an approved telephone directory.
It is recommended that the organization be listed at Dun & Bradstreet as it is one of the world's leading sources of commercial information and insight on businesses - which external companies rely on to make critical business decisions.
Order Queuing & Fraud Prevention
In the event an authentication procedure fails or our system suspects possible fraudulent activity, the order may be queued for manual review. Also, occasionally orders are randomly queued for manual review. Please Contact Us if your order is queued and you require further assistance.
Authentication engines are programmed to automatically flag certain orders for a quality review before issuance. The system looks for specific information within new and renewal orders. For example, orders from certain countries or containing certain words may be flagged.