Validation Requirements
Extended Validation SSL achieves the highest level of consumer trust through the strictest authentication standards of any SSL certificate. Extended Validation verification guidelines require GeoTrust to obtain and verify multiple pieces of identifying information about Extended Validation Certificate Approver.
To ensure your SSL Certificate request is processed quickly, you will be required to provide the authentication documents described below.
Steps to Obtain EV Authentication
- Complete the True BusinessID with EV Enrollment to obtain a GeoTrust Order ID.
- The following authentication requirements will be carried out to ensure your order can be processed.
A. Organization Authentication Requirements
The following entities are eligible to receive an EV Certificate provided they are currently registered with and approved by an official registration agency in their jurisdiction. The resulting charter, certificate, license or equivalent must be verifiable through that registration agency.
- Government agencies
- Corporations
- General partnerships
- Unincorporated associations
- Sole proprietorships
GeoTrust must be able to confirm all of the following organizational registration requirements:
- Official government agency records must include:
- The organization's registration number.
- The organization's date of registration/incorporation.
- The organization's registered address.
- A non-government data source (such as Dun & Bradstreet) must include the organization's place of business address if it is not included in the Government agency records
- If the organization has been registered for less than three years, GeoTrust must verify operational existence through one of the following means:
- Through a non-government data source (such as Dun & Bradstreet)
- or - - By verifying the organization has an active demand deposit account (such as a checking account) with a regulated financial institution through a Lawyer’s Opinion Letter or directly with the financial institution.
B. Domain Authentication Requirements
To qualify for an Extended Validation SSL Certificate, domain registration details must reflect the full Organization name as included in the certificate request. Where domain registration does not reflect the organization name as identified in the certificate request, positive confirmation of the Organization's exclusive right to use the domain name is required from the registered domain administrator or with a Lawyer Opinion Letter.
- The domain must be registered with ICANN or IANA registrar (for CCTLDs). Domain registration details must be updated to reflect the organization name as included on the certificate request.
- Where domain registration is private, the domain registrar is required to unblock the privacy feature.
- The Organization's certificate approver must confirm knowledge of the organization's domain ownership during the verification call.
C. Organization's Certificate Approver Authentication Requirements
To qualify for an Extended Validation SSL Certificate, the Certificate Approver identified in the certificate request must be employed by the requesting organization and have appropriate authority to obtain and delegate Extended Validation certificate responsibilities.
Notes:
- Employment and authorization cannot be verified through the organization's web site.
- If the Certificate Approver identified in the certificate request is listed in government records as a corporate officer (such as Secretary, President, CEO, CFO, COO, CIO, CSO, Director, or equivalent), then organizational contact employment and authorization can be approved without verifying this information as described below.
GeoTrust must be able to confirm all of the following Certificate Approver requirements:
- Certificate Approver's identity, title, and employment through an independent source.
- Certificate Approver is authorized to obtain and approve EV certificates on behalf of the Organization. This can be verified through one of the following methods:
- A Lawyer's Opinion Letter
- A Corporate Resolution
- Directly contacting the CEO, COO, or similar executive at the organization and confirming the authority of the organizational contact. If no public records are available regarding the CEO, COO, or other executive, GeoTrust will attempt to contact the organization’s Human Resources department for contact details.
D. Order Verification Requirements
GeoTrust must verify the certificate request and all certificate details with the Certificate Approver identified in the certificate request. GeoTrust must contact the Certificate Approver using an independently-verified telephone number.
This telephone number is obtained through one of the following methods:
- By researching qualified telephone databases to find a telephone number. Ensure your organization’s primary telephone number is listed in a public telephone directory.
- As provided in a Lawyer's Opinion Letter.
- As confirmed during a site visit conducted by GeoTrust.
During the verification call, GeoTrust must verify the following with the Certificate Approver:
- The name of the Certificate Requestor identified in the certificate request and his or her authority to obtain the Extended Validation certificate on behalf of the organization.
- Knowledge of the company's ownership and right to use the domain identified in the certificate request.
- Approval of the Extended Validation SSL Certificate request.
- Acknowledgement of signature of GeoTrust SSL Certificate Subscriber Agreement that includes all Extended Validation terms and conditions.
E. Additional Verification requirements
If GeoTrust is unable to verify any of the required information on your certificate application, we may request you to provide a professional opinion from a lawyer or accountant to verify the information.