Tips for EV SSL Applications

Make sure the certificate request includes the full legal name of the Organization.

  • Qualifying for an EV certificate means the Organization must be registered with the appropriate Government Registration Agency in its country, state or (in some cases) jurisdiction.
  • Organizational Identifiers (i.e., Inc, Corp, LLC, Ltd, Pty Ltd, etc.) must be included in the certificate Organization name. No misspellings, unregistered acronyms, or abbreviations are allowed.
  • Common mistake:
    • Leaving out the correct Organizational Identifiers (i.e., Inc, Corp, LLC, Ltd, Pty Ltd, etc.) in the certificate Organization name or abbreviating any part of the name
Make sure the certificate domain name is registered to the same Organization name and publicly viewable in a WHOIS search.

  • If the domain “Registrant” does not exactly match the same legal Organization name indicated in the certificate request, please update the domain record with your domain registrar.
  • If the CA requests you update your domain WHOIS record, once completed please contact the CA Customer Support so they can continue processing your order.
  • If the actual domain Registrant information is not publicly viewable in the WHOIS record due to a private registration, please contact your domain registrar to make the information temporary viewable long enough to validate ownership.
  • Common mistakes:
    • The domain’s registered owner does not exactly match the legal company name (this includes abbreviations of any part of the name)
    • Not including a fully qualified domain name in the certificate Common Name. EV certificates are not issued to “intranet” sites or IP addresses.
Make sure the Organization’s primary physical address is referenced in the order.

  • Make sure there is a publicly listed telephone number associated with this address.
  • This cannot be a P.O. Box, and needs to be a physical street address.
  • Common mistake:
    • Address listed as a P.O. Box instead of physical location.
Be aware you should expect a phone call to your organization to validate your details

  • These phone calls will be made using the publicly listed telephone number of the Organization
  • The Organizational Contact must be available to:
    • Answer questions and provide any additional documentation requested to validate the certificate.
    • Complete a final telephone verification call before the certificate is approved
  • Designate an Organizational Contact who has a job title of Director, VP, Officer (CEO, CIO, COO, etc.), or higher, who can be more easily validated as having the authority to purchase an Extended Validation SSL certificate on behalf of their Organization.
  • Be prepared for a phone call to the company’s HR department for confirmation of the Organizational Contact’s employment, as well as to the Organizational Contact for verbal verification of the order.
  • Common mistake:
    • Designating an Organizational Contact who is unavailable to provide the items outlined above.
A Professional Opinion Letter may be necessary if it is not possible to validate certain items.

  • Can be completed by either a practicing lawyer, or Certificate Public Accountant
  • Lawyer must be licensed to practice law in the country of the Applicant’s Jurisdiction of Incorporation or any jurisdiction where the Applicant maintains an office or physical facility.
  • Certified Accountant must be licensed to practice accounting in the country of Applicant’s Jurisdiction of Incorporation or any jurisdiction where Applicant maintains an office or physical facility.
  • If required, specific instructions will be sent to the Organizational Contact indicating which items need to be validated.
  • The lawyer or CPA must be available for a telephone call to verbally confirm the contents of the letter

Related Articles