Getting your organization verified by a certificate authority can be a complicated process to get through. To help simplify things we’ve broken down all of the mumbo-jumbo for you into 3 steps. As long as you can provide the Certificate Authority with the below items, you should be able to get your Organization Validated SSL certificate issued quickly and painlessly.
- This is not an exhaustive list of all the steps that may be required for your organization to get validated. Organizations are assessed on a case by case basis by the Certificate Authorities. However, in our experience, by following these basic rules, 99% of all legally registered organizations should be able to complete the process and receive their SSL.
- This article only outlines the steps to get your Organization Validation completed, you will also need to prove to the certificate authority that you own and control the domain(s) that you’re requesting. We have a separate support article that goes over Domain Control Validation here.
Steps to Get Your Organization Validated
1. Legal Business Registration
The certificate authorities will attempt to locate your organization on an online government database that shows your company’s registration date, registration number, and full company name. As long as the vendor can locate this government listing and the organization name you submitted on your order matches your government listing exactly, you shouldn’t need to provide them with any documentation for this step.
- If your government doesn’t list the above information online or the certificate authority cannot locate your online government listing, submit a ticket with our support team with scanned copies of your business registration documents that show your registration number or ID, registration date and full legal business name, and we’ll get it over to the vendor!
- If the organization name you submitted on your order does NOT match your business registration documents exactly, please contact our support team and let us know right away. Incorrectly submitted organization names will severely delay your validation.
2. Third-Party Online Listing
Certificate Authorities will attempt to locate your business on an approved online business directory website. Not all online directories are accepted and the certificate authorities don’t publicly disclose a list of all of their acceptable online directories.
However, based on our experience, we’ve provided some online directory suggestions below along with the information that needs to be displayed on them to give you an idea of what they’re looking for. If your business is listed on a different online directory and it shows the below information, let our support team know and we can have the vendor check to see if it can be used!
Info that needs to be on the listing:
- Your company’s full legal name (it should match your business registration documents including the corporate identifier like LLC, Inc, GMBH, PTY LTD, etc.).
- A usable telephone number. (This will need to be used in Requirement #3).
- Your company’s full street address. (No PO Boxes allowed).
Examples of third-party directory websites that may be accepted for verification:
- A verified Google Business Listing
- The Better Business Bureau
3. Verify the Certificate Request Over the Phone
Once the certificate authority has verified your business registration documents and found your online third-party listing, they’ll need to place a call to the telephone number listed on your online directory. This way they can verify that the request for the SSL was made by someone from your company and is legitimate. This can be done in one of two ways:
- The vendor will send an email to the Admin Contact’s email address. This email will allow the Admin Contact to initiate an automated telephone call whenever they’re available to receive it.
- The vendor will place a manual call to the verified telephone number during normal business hours for your company and ask to speak to the Admin Contact.
Keep an eye on your inbox for the automated telephone call email! That is the default method for OV orders to complete the final verification call. If it has been more than 48 hours since you submitted your order to the vendor and you have received no communication from them, please contact our support team so we can check the status of your order.
Alternate Way to Get Your OV SSL Verified
If you cannot provide the requested documents and online listing from steps 1 and 2, you can also opt for a Legal Opinion Letter that is filled out and signed by an active Lawyer or Accountant. The lawyer or accountant will need to be registered in the same jurisdiction as your business. Once the vendor is able to certify the legitimacy of the legal opinion letter, they’ll call you at the telephone number listed on the letter to make sure that you actually requested the SSL. Once that’s done, your organization will be verified in their system! You can download the Legal Opinion Letter template here.
Don’t Forget About Domain Validation!
To get your SSL issued, you’ll also need to prove to the certificate authority that you own and control the domain(s) that you’re requesting.
Domain Control validation can be completed using any of the 3 available methods below. Each of these methods has its own steps and technical requirements. We have dedicated articles that go into detail for each one below:
- Email Based Verification
- File Based Verification
- DNS Verification
Once all of these steps are completed, your SSL will be issued and your next step will be to install the SSL on your server. You can get instructions for installing your SSL on the most common server types in our SSL Installation Help Center.