Speed up SSL issuance
GoGetSSL® offers fastest issuance of SSL due to use of LEI code and API automation. Legal Entity Identifier (LEI) is a global identity code, just like DUNS. Learn how LEI works.
Code Signing Validation Requirements
-
B
Organization Validation Requirements
The process takes around 2-5 working days in case all documents are correct and supplied on time.
-
1
Operational existence
The organization’s legal identity and/or DBA (doing business as) must be verified and the organization is conducting business operations. Validation uses a combination of your legal registration and other third-party reliable sources to verify your organization.
-
Physical existence
The business address is verified using a combination of your legal registration and other third-party reliable sources.
-
Business phone number
Phone numbers are verified through reliable third-party databases.
-
Government-issued photo ID of the requestor (for Sectigo orders)
-
Verify the authority and authenticity of the order
A callback is made by validation to the verified phone number for the organization. A person of authority to request the certificate provides verification that the order was placed for the organization.
-
-
2
Individual Validation Requirements
If the Code Signing order is generated for the Individual instead of the organization, it will be required to pass the Identity Authentication:
-
Option 1
Available for customers who have a government-issued photo ID that includes an address that matches the name and address on the order. For successful verification 2 documents need to be provided.
- A copy of a government-issued photo ID such as a valid driver’s license, passport, national ID, or military ID that includes the requestor`s name and address that matches the name and address on the order.
- For Sectigo:
A photo of a customer holding a government-issued photo ID. The photo MUST clearly show your face and the government photo ID that is readable and can be compared to the copy provided in Document 1. - For DigiCert/GoGetSSL:
If DigiCert validates the organization with a Photo ID, in some cases, you may be required to submit an Attestation Letter signed by an attorney, CPA, or notary. DigiCert’s validation team will advise how to complete this requirement if necessary. The identity will be verified by the validation center via the Skype Video call.
-
Option 2
Option 2 – Face to face document (for Sectigo orders only). Used when the photo ID does not match the address on the order or is preferred to use.
The Face to Face document explains the specific instructions and requires a notary to attest to and notarize the forms.
The face-to-face verification form should be filled and signed by a Notary who is authorized to conduct business in the customer`s area/country. For successful verification following documents are needed:
- A notarized copy of a valid driver’s license, passport, national ID, or military ID that includes your name and matches the name on the order.
- The Face to Face personal declaration statement
- The Face to Face confirming person statement
Face to Face document available for download here.
More information about validation requirements for CS
-
Option 3
Address verification via a reputable source (for DigiCert and GoGetSSL Code Signing SSL). In case the address is not reflected on a valid issued Government ID or Passport the address will need to be verified with a record in the telephone directory/DnB or other reputable third-party database under the Personal name.
A video conference with DigiCert’s validation team will be also needed to verify the requestor’s identity.
-
-
-
E
EV Validation
Here is the most common information required to pass Extended Validation for Code Signing certificates.
-
1
Sectigo EV Code Signing SSL
The validation process is pretty similar to OV, however, some difference exists:
-
Subscriber Agreement
The EV Subscriber Agreement and the Certificate Request Form have to be filled by the customer (sent as an additional e-mail by Sectigo CA). Might be completed online by following the link sent, or filled by hand, scanned, and sent via the ticket to Sectigo. Samples are available here.
-
Callback
The callback is always manual and performed by the Sectigo agent
-
-
2
DigiCert/GoGetSSL EV Code Signing SSL
EV certificates offer the highest level of protection and trust, as they involve a more rigorous verification process for the company's existence compared to OV certificates. However, from the customer's perspective, the verification process requires the same information submission to the vendor.
Additionally, for EV Code Signing certificates, the organization contact will receive an email with instructions to Approve the certificate request. This email is typically sent after all other validation steps are completed.
Kindly refer to the Organization Validation Requirements described above to find the list of information that will be used by DigiCert CA to complete the organization verification for Code Signing orders.
-