SSL validation methods
How does SSL validation work? This overview shows the required steps per validation type. Although the process can differ slightly for different suppliers, the order of the steps is the same. If you require advice or help choosing the right certificate or correctly creating your CSR, please contact us.
|Domain validation (DV)||Organistation validation (OV)||Extended validation (EV)|
Access to the domain name is validated through an approver email. This can only be sent to a domain or address that can be found in the WHOIS.
The data in the CSR is compared with the public information in an authorised source. In the Netherlands, this is checked in the Chamber of Commerce trade register.
The information in the common name and any SAN names is compared with the information in the CSR and the previously checked company information. They have to be an exact match.
Validation by phone
The person entered in the request for the SSL certificate is contacted by phone, using a phone number found in an authorised public source.
An EV SSL certificate request cannot be completed without two signed documents: the Certificate Request Form and the Certificate Subscriber Agreement. These documents must be signed by the person requesting the certificate.
When requesting an EV SSL certificate, two documents must be signed: the Certificate Request Form and Certificate Subscriber Agreement. These must be signed by the requester.
The following information is checked: statutory- or trade name, legal form, address information, postal code, city, country and country code. For an OV, the trade name may be used in the certificate. For an EV certificate, only the statutory name may be used (including the legal form).
The private key is generated during the creation of the CSR. In most cases, it is saved on the same server where the CSR was generated.
The intermediate certificate must always be installed along with the certificate. Please visit our support page for more information and manuals.
When a common name or SAN name is caught in the phishing check, the validation process may take longer than expected. The latest status of your request can be tracked through our portal.
Frequently asked questions
About SSL certificates
- What is a common name?
- What is a private key and what is a public key?
- What is a wildcard certificate?
- What is an intermediate certificate?
- What is a root certificate?
- What is SNI and when do I need it?
- What are cipher suites?
- What is HTTP Strict Transport Security (HSTS)?
- What is OCSP?
- How does file approver work?