EV certificates provide the most thorough validation process, making them the most trustworthy option for securing websites. Due to the extensive verification, visitors can immediately see that the site is secure and identify the company behind it.
Issuance Time: Approximately 5–7 days
Special Requirements for Sectigo and Its Subbrands (positiveSSL, instantSSL)
For OV and EV certificates issued by Sectigo, applicants must agree to the Sectigo Certificate Subscriber Agreement online. The administrative contact will receive an email containing an agreement link for confirmation.
Verification Process
To issue an EV certificate, the Certificate Authority (CA) conducts several checks:
- Confirms that the applicant has control over the domain.
- Verifies the legal existence of the company.
- Ensures the applicant is authorized to request the certificate on behalf of the company.
Compared to OV certificates, the validation process is more rigorous, providing a higher level of security and trust.
Validation Steps
1. Domain Ownership Verification
The CA verifies that the applicant controls the domain using one of the following methods:
- Email verification
- DNS record authentication
- File-based authentication
2. Business Registration Verification
The company’s details are checked against an official business registry or equivalent database. The registered business name and address must match those provided in the certificate request.
Important Notes:
- The business registration information must be up to date at the time of validation.
- If there are discrepancies between the registry and the certificate request, the CA may request additional documents.
3. Telephone Verification (Verification Calls)
One of the key steps in EV validation is a three-step telephone verification process. The CA will use a publicly listed business phone number to contact the company.
Since public directories often list a company’s main office number, the reception or main office should be informed in advance about the expected calls. These calls are typically conducted in English during business hours.
- First Call: Verifies that the listed contact person actually works for the company.
- Second Call: Confirms with a supervisor that the contact person is authorized to request the certificate.
- Third Call: The final confirmation call with the contact person to approve the certificate request.
If the CA cannot reach the designated contact, multiple attempts will be made. If unsuccessful, the applicant will receive an email with instructions on the next steps.
Important Notes:
- The phone number listed in public directories must be up to date.
- If discrepancies exist, the CA may require a company phone bill as additional proof.
- Only physical addresses are allowed—P.O. boxes are not accepted.
Scheduling a Verification Call
DigiCert allows applicants to schedule a specific time for their verification call.
How to schedule:
- Visit DigiCert’s booking page.
- Select a suitable time.
- Register with your name and the email address used for the certificate request.
- If possible, provide the Order ID (available in the SSL Manager or in the confirmation email from the CA).
Restrictions for EV Certificates
EV certificates cannot be issued to:
- Private individuals
- Sole proprietors (e.K.)
- Partnerships (GbR)
- Doctors or lawyers
Additional requirements:
- Businesses younger than three years may need to provide a bank confirmation.
- Public institutions (e.g., cities, government offices, schools) may need to submit an official confirmation letter on company letterhead with an official stamp.