Comodo, today become one of the most trusted and highly used SSL Certificate brand. Over 34% world users have adopted SSL & security products of Comodo. Comodo offers domain validated, Organization validation and Extended validated SSL certificate for website security, it also offers code signing certificates for software and application security. Comodo SSL Certificate comes up with wildcard and multi domain features.
Let’s see what documents Comodo asks from issuer for Domain and Business validation.
1) Comodo Documents for Domain Control Validation
DCV (Domain control validation) can be done through one of following ways
- HTTP(S) based verification
- DNS CNAME based verification
- Email based verification
HTTP(S) based verification: During CSR Generation, the CSR value will be Hashed. Now you need to keep that hash value in a simple file and upload it in to your root directory.
The Hash value file will be like (For Single Domain)
- http://domain.com/<Upper case value of MD5 hash of CSR>.txt
for Wildcard Domains the file structure will be like
- subdomain1.domain.com/<Value of MD5 hash of CSR>.txt
- subdomain2.domain.com/<Value of MD5 hash of CSR>.txt
DNS CNAME based verification: During CSR Generation, the CSR value will be Hashed. Now this hash value must be added in your domain as DNS CNAME method.
The hash value as per DNS CNAME method
- <Value of MD5 hash of CSR>.yourdomain.com. CNAME <value of SHA2 hash of CSR>.comodoca.com.
In above example the after ……. comodoca.com. the postfix full stop (.) is mandatory.
for Wildcard Domains the DNS CNAME method will be like
- <Value of MD5 hash of CSR>.subdomain1.yourdomain.com. CNAME <value of SHA2 hash of CSR>.comodoca.com.
- <Value of MD5 hash of CSR>.subdomain2.yourdomain.com. CNAME <value of SHA2 has of CSR>.comodoca.com.
EMail-based verification: Comodo will send an email address to the registered email address, you just need click on that link for verification.
Valid Email address prefix are
2) Comodo Documents for Organization Validation & Code Signing Certificate
-> Identity and Address verification
If SSL Certificate issuer is a Government Entity, Corporation or a registered business, Comodo verify his identity via following options
- Updated Third party database which are approved by QIIS (Qualified Independent Information Source) such as dnb.com, hoovers.com, companieshouse.gov.uk, etc.
- Attestation Letter
- A site which is visited by the Certificate authority or a third party who is acting as an agent for the CA
- Government Agency in the jurisdiction of the issuer’s legal existence, creation or recognition.
Comodo verify issuer’s address via following options
- Business License issuer by Government
- Incorporation article included with address
- Copy of business’s recent bank statement and phone bill
- Copy of any Utility bill (For example Electricity bill, Internet connection bill, etc.)
If the SSL issuer is an Individual, Comodo verify identify via following options.
- Copy of current Major utility bills (Electricity bill, Internet connection bill, telephone bill, etc.)
- Copy of government approved driving license or Passport
-> WhoIs Verification – to verify the domain name and its status.
-> Domain Control Validation
-> Phone number verification via phone call
For phone number verification, Comodo will give a call back to the registered number. It will be verify via following options.
- Third party Databases
- Government databases
- Accountant’s letter or form verified legal opinion letter.
If documents you have provided to Comodo fulfill their needs, Comodo will issue the certificate.
3) Comodo Documents for Extended Validation
In case of Extended validation, Comodo verifies all the legal business documents with government authority database, QIIS (Qualified Independent Information Source) or with accountant’s letter or verified legal opinion letter.
Business required for EV validation
- Operational Existence: Comodo will check company’s operational existence, and for that a company must have a current demand deposit account of a regulated financial institute.
- Verification of Business Identity and Legal Existence: Comodo will verify Business registration via incorporating or registration agency.
- Verification of Trade name: if an organization is conducting a business which owns a different name from the organization, Comodo will verify that Trade name. Note: the trade name must be verifiable and registered.
- Business Phone number verification
- Business Address verification
- Domain ownership verification
- Issuer’s name, title, business role, signature, etc. verification