Questions and concerns often arise during the validation of SSL certificates. Each SSL type requires a different level of authentication.
In this post, we’ll share detailed authentication and verification guidelines regarding Symantec Extended Validation (EV) SSL certificates, to help you understand and appreciate them better.
First of all, before you start the enrollment process for any EV certificate, make sure you know:
- Which SSL certificate you require
- The server platform and version of the server that will host your SSL
- The CSR (Certificate Signing Request) – You will need to generate this code from the server that will host the SSL or request it from your web hosting provider
- Full contact and company details
- Full payment details
EV SSL Authentication
The main goal of EV certificates is to provide the top level of confidence in your website and to enable encrypted communications between visitors and a website that gives clients the confidence to buy. EV SSL provides reliable third-party verified identity and address information regarding the business.
As EV SSL offers the highest available level of trust and security, the Certificate Authority performs an extended check of the EV certificate applicant that is much stricter than that for Organizationally Validated or Domain Validated SSL issuance.
The 8 essential steps for EV SSL enrollment:
- Organization Authentication– Symantec ensures the enrolling organization is registered with the appropriate Government Registration Agency in its country or state.
- Operational Existence – Symantec verifies your organization has the ability to engage in business; it should have been registered for at least 3 years. Alternative documentation may be requested for organizations that have been registered for under 3 years.
- Physical Address Verification – Symantec verifies that the physical business address is listed on a certificate enrollment. This must be a verified valid business address for the Organization or its verified Parent/Subsidiary.
- Telephone Verification – Symantec uses an independently obtained third-party public telephone listing to find a telephone number for the organization at the verified address. If they cannot find a telephone number or the telephone number does not match the verified address, they’ll ask the applicant to provide alternate documentation.
- Domain Authentication – Symantec ensures the SSL’s domain name is registered as the Organization’s legal name in a WHOIS database.
- Confirmation of Employment – The Organizational Contact must work for the organization requesting the SSL and be authorized to obtain an EV SSL on behalf of the organization. Contractors and temporary staff are not allowed to obtain EV certs.
- Verification Call – Before an SSL can be issued, Symantec makes a verification phone call. The CA uses an independently obtained third-party public telephone listing for the Organization within the country listed on the CSR, which must be completed by the Organizational or Technical Contact (if employed by the Organization). If it is impossible to reach a contact directly, Symantec will provide instructions byl voicemail or email on how to complete the final verification.
- Acknowledgement Agreement – With this last step, you should complete the Extended Validation Subscriber Agreement (Organizational Contract) online.
To purchase a Symantec EV SSL Certificate, visit SSLs.com.