Documents Require for OV SSL & Code Signing

To issue an Organization validated SSL certificate the issuer need to submit valid business documents which helps Certificate authority to understand that business is genuine. Certificate issuer have to submit same documents to issue an Organization validation & Code Signing Certificate.

OV SSL and Code Signing Certificate Validation

1) Issuer’s Identify Verification

Issuer as Business

• Issuer’s legal creation, recognition or existence record from a government agency
• An Attestation Letter approved by Certificate Authority
• CA considers an updated third party database as legal data source for identification
• Website must be live, CA or Third party may visit it too…

Officially approved data sources: QIIS (Qualified Independent Information Source)

• https://www.dnb.com/
• https://www.gov.uk/government/organisations/companies-house

Organization Address Verification

• Legal business license with address issued by government
• Article of incorporation with address
• Recent bank statement
• Recent Telephone/Landline or Internet Bill
• Recent major utility bills (Electricity, water, etc…)
• Current lease agreement with address (optional)

Issuer as Individual

Issuer’s address verification

• Issuer’s passport, license or other copy
• Any utility paid for that organization (Telephone bill, electricity bill, tax bill, etc…)

2) Domain Registrar Verification

• Require to verify WhoIs verification of that domain.

3) Domain Control Validation (DCV)

4) Verification via Call

• Certificate authority call back to the issuer on the given business phone number. But the phone number should follow below criteria.
  • Must be added in a third-party database
  • Must be added in government databases
  • Must be added in accountant letter or legal opinion letter.

Once the certificate authority completes the above verification process and if they’re satisfy with that, they will approve issuer’s request for the SSL Certificate.

AboutSSL’s Best Stuff