Extended Validation (EV) SSL Certificate Requirements
Robert KimShare
An Extended Validation (EV) SSL Certificate is the most thoroughly checked type. Before issuing one, the Certificate Authority (CA) confirms the legal identity, physical presence, and domain control of the organization behind the request. This guide covers what that involves and how to prepare.
The checks follow a defined industry procedure, so they are consistent across every Certificate Authority (CA). For the wider picture, Learn About Extended Validation (EV) SSL Certificates 🔗
What the Validation Confirms
For an Extended Validation (EV) SSL Certificate, the Certificate Authority (CA) verifies that the organization is a registered legal entity, that it operates from its stated address, and that it controls the domain named in the request.
These checks go well beyond a domain-only one, which is why an Extended Validation (EV) SSL Certificate carries the verified legal name and location of the business. Learn About SSL Certificate Validation 🔗
Documents and Identity
The organization provides official evidence of its existence, such as government-issued registration documents, articles of incorporation, or a business license. Identification for the authorized representative handling the request is also required.
The Certificate Signing Request (CSR) must match the organization's registered legal name exactly. Any mismatch between the Certificate Signing Request (CSR), the documents, and official records leads to delay or rejection. Learn About Certificate Signing Requests (CSR) 🔗
Proving Control of the Domain
Alongside the organization checks, control of the domain is proven through the standard methods : a Domain Name System (DNS) record, a file on the web server, or an e-mail to a fixed role address.
As with every SSL Certificate now, WHOIS records are no longer used for this. Keeping access to one approved method ready avoids holding up the wider check. Learn About Domain Control Validation (DCV) 🔗
Preparing for a Smooth Check
Because the verification is detailed, preparation shortens it. Keep current copies of the registration documents and make sure the listed contact details are accurate.
The authorized representative should be reachable and ready to answer a verification call or e-mail from the Certificate Authority (CA). Generating the Certificate Signing Request (CSR) correctly and keeping the Domain Name System (DNS) in order rounds out the technical side.
Keeping the Details Current
An Extended Validation (EV) SSL Certificate is validated again for each new term, and the organization details are confirmed afresh. The maximum validity allowed across the industry is falling, so these checks recur more often than they once did.
Report any change to the legal name or address to the Certificate Authority (CA) promptly, since out-of-date details can lead to problems or revocation. A reissue stays free during the life of the SSL Certificate for a Private Key change or a server move. Learn About the Reissue Process 🔗
The Modern Trust Indicators
Older browsers once displayed the organization name in a green address bar for an Extended Validation (EV) SSL Certificate. Major browsers removed that display some years ago, so there is no longer a name shown in the bar.
The verified identity now sits in the SSL Certificate details rather than the address bar. Its value lies in the recorded legal identity and the depth of the check, which some sectors and partners still call for. Explore the Trustico® Extended Validation (EV) Range 🔗
