(2 votes, average: 5.00 out of 5)
Users often go through many complications before issuing the OV SSL certificate for their organization. But it should be different if you’re a legal company with all the registration documents.
Certera Team has broken down the entire process and made this OV SSL Validation guide to help you know the documents you must submit to issue your OV SSL certificate.
OV SSL certificate validation (business validation) is one step above the DV Validation and below the EV Validation process. In this OV validation, the certificate authority does light verification to check the legitimacy of your business.
Here are the steps to complete your OV Validation Process
Certificate Authorities perform the organization authentication, verifying whether you are a legally registered business entity and active within the state or country you have claimed. In addition, the certificate authority verifies your address against the online government database. Similarly, if the public government records are not found showing the existence of your company or organization, then the CA (Certificate Authority) will verify the needed information through other methods:
Once your company/organization is verified, the CA goes through the next step of verifying your company is active and legally present in the registered location. Henceforth, to complete the Locality Presence requirement, the CA verifies the actual street address, city, state, or country given within the address against the Online Government Database.
It’ll go through the accepted database and verify the registration details, like your company’s city/state/country, against the details you gave at the time of registration. Suppose the record regarding your locality presence is not available in the Online Government database then; there are some alternative methods that you can use, which are:
Here, the CA verifies your Telephone number against the publicly listed telephone number or the accepted third-party telephone directories such as Scoot or YellowPages. To complete this validation, a publicly listed and active telephone number must be available in an acceptable telephone directory. Similarly, the listed telephone number should have the exact business name and the physical address, verified in the previous step.
Nonetheless, there are two alternative methods that you can go for if your telephone number doesn’t get verified due to any reason, and they’re:
Domain verification is the most simple and essential verification step. Here the CA verifies whether the company owns the website for you have issued the OV SSL.
The methods that you can go to prove domain ownership are:
In this method, you’ll need access to any pre-approved or any other email address listed in the WHOIS directory record. The pre-approved email address can be any of the below five:
For this verification method, you’ll need to have two new sub-folders within the public directory of your domain for which you’re requesting an SSL certificate. And then, you’ll need to place that individual file the CA gave into that sub-folder.
Similarly, you’ll require access to your hosting control panel or our server to make these asked changes. And CA verifies the file you’ve kept in the asked sub-folder, thus verifying your domain.
To use this method, you must create the CNAME record within the DNS Manager. And then you need to wait till it is propagated to the internet. Similarly, completing this step can take up to 24 hours. In addition, you’ll need access to the hosting control panel or your server to use this step.
Lastly, you’ll receive a call from the certificate authority on your verified telephone number. The CA must speak with you or the specified applicant (your website admin) through your company’s verified telephone number to confirm the SSL certificate order details.
Usually, CA asks simple questions like “Did you order this?” or “What’s your company name?” Which hardly takes around 5 minutes. Nonetheless, if the listed telephone number doesn’t connect with you directly and you have an alternative number or IVR/Extension, CA will go through it to reach you.
It is the business registration document issued by the local government. For instance, CA will accept documents such as chartered licenses, DBA statements, or incorporation articles to verify your business’s legitimacy.
You can provide a comprehensive Credit Report of DUNS for verifying specific business details. Here, DUNS (Dun & Bradstreet) is an organization that provides financial reports for businesses.
In addition, their reports are regarded with the highest esteem by the certificate authorities, and they’re used for completing multiple requirements.
Using a Legal Opinion Letter, also known as Professional Opinion Letter (POL), helps complete the OV Validation process as it accepts four to five requirements of the Organization Validation. For instance, you can vouch for your business’s legitimacy by providing a signed letter from the attorney or accountant to the certificate authority.
If your company’s phone has an extension or an IVR (Interactive Voice Response), then the CA will reach out and connect to you. But make sure you’ve provided extensions or your phone is reachable through IVR.
Suppose you don’t have an extension or an IVR, and the provided telephone number reaches reception. In that case, the receptionist or whoever answers the phone should transfer to you or provide your direct telephone number.
Authenticate your Business Website and User Trust using the ultra-robust OV SSL Certificate.