When you purchase an Extended Validation (EV) SSL Certificate from Trustico® you will need to complete a comprehensive validation process before your SSL Certificate can be issued. Extended Validation (EV) SSL Certificates provide the highest level of trust available and require thorough verification of your organization's legal status, operational existence, physical presence, and authority to request the SSL Certificate. Understanding these requirements in advance helps ensure a smooth validation experience, with issuance typically completed within one to five business days.
Trustico® provides Extended Validation (EV) SSL Certificates through our trusted Certificate Authority (CA) partners. The validation process follows strict guidelines established by the CA/Browser Forum and is conducted by human validation specialists to confirm your organization's identity and legitimacy. This page explains each step of the Extended Validation (EV) process and provides guidance on how to prepare your organization for successful validation. Learn About Extended Validation (EV) SSL Certificates 🔗
Understanding Extended Validation (EV)
Extended Validation (EV) SSL Certificates represent the highest standard of identity verification in the SSL Certificate industry. Unlike Domain Validation (DV) or Organization Validation (OV) SSL Certificates, Extended Validation (EV) requires a rigorous vetting process that is conducted by human validation specialists rather than automated systems. This thorough verification ensures that only legitimate, verified organizations can obtain Extended Validation (EV) SSL Certificates.
Extended Validation (EV) SSL Certificates are recommended for any website that collects sensitive information, processes financial transactions, or requires the highest level of customer trust. They have become the industry standard for e-commerce websites and are essential for organizations in banking, finance, healthcare, and government sectors. The verified organization details are embedded within the SSL Certificate and can be viewed by visitors who inspect the Certificate details, providing transparency and building confidence. Discover Organization Validation (OV) SSL Certificates 🔗
Extended Validation (EV) Requirements Overview
The Extended Validation (EV) process follows CA/Browser Forum guidelines and consists of multiple verification stages that confirm your organization's legal existence, operational status, physical presence, and the authority of individuals involved in the Certificate request. All Organization Validation (OV) requirements must be met, plus additional Extended Validation (EV) specific checks are performed by human validation specialists.
Details Being Validated
During the Extended Validation (EV) process, the Certificate Authority (CA) will verify several key aspects of your organization. These include your organization's legal name and confirmation that it is in good standing with the relevant registration authority. If your organization operates under a trade name or DBA (Doing Business As), this will also be verified through government registration or approved third-party databases.
The validation process confirms the current operators of the business, the operational address where business is conducted, and the primary telephone number listed for the organization. Domain ownership and control must be demonstrated for all domains to be included on the SSL Certificate. Finally, the authenticity of the Subscriber Agreement must be verified through direct contact with the authorised signer.
The Seven-Stage Validation Process
Extended Validation (EV) follows a structured validation process established by the CA/Browser Forum. Each stage must be completed successfully before your Extended Validation (EV) SSL Certificate can be issued. Understanding each stage helps you prepare the necessary information and documentation.
Stage One : EV Enrollment Verification
The first stage verifies that the person applying for the Extended Validation (EV) SSL Certificate is an employee of the organization and is authorised to proceed with the Certificate purchase. This helps ensure that SSL Certificate requests are legitimate and have proper organizational approval.
Stage Two : Organization Authentication
The Certificate Authority (CA) verifies through government registration information that your organization is a legally registered entity and is active in the registered location. Verification depends on your organization type. Private organizations include incorporated entities with identifiers such as Inc, LLC, Ltd, Pty Ltd, or GmbH. Government entities include departments of government, public schools, and local government bodies. Business entities include non-incorporated businesses created by filing with a government authority, such as general partnerships and limited partnerships. Non-commercial entities include international organizations not specifically tied to one country.
It is essential that your organization name on the SSL Certificate order matches your legal registration exactly. Do not enter a trade name or DBA (Doing Business As) as your legal name. Trade names can be included on the Certificate alongside the legal name if properly registered.
Stage Three : Flagged Entity Check
The Certificate Authority (CA) screens your organization against security databases including anti-phishing working group lists, the US Treasury Department denied persons list, and other exclusion lists. Organizations found on these lists will either be denied an Extended Validation (EV) SSL Certificate or require additional validation before issuance.
Stage Four : Operational Existence Verification
The Certificate Authority (CA) must verify that your organization has been in operational existence for at least three years. If your organization has been registered for three years or longer, this is typically verified automatically through government registration records. Organizations registered for less than three years must provide additional documentation to demonstrate operational existence.
Acceptable documentation for newer organizations includes a Dun and Bradstreet listing, a bank confirmation letter verifying that the organization maintains a demand deposit account with a regulated financial institution, or a Legal Opinion Letter from a licensed attorney or Certified Public Accountant (CPA).
Stage Five : Physical Address Verification
The Certificate Authority (CA) verifies that your organization has a genuine physical address in its country of registration. This must be a real business location where operations are conducted. You cannot use a PO Box, mail stop, mail forwarding address, care of address, virtual office address, or registered agent address for Extended Validation (EV) SSL Certificates.
Physical address verification is typically performed through third-party databases such as Dun and Bradstreet. If your address cannot be verified through these sources, you may need to provide supporting documentation or a Legal Opinion Letter.
Stage Six : Telephone Verification
Your organization must have a verified telephone number that is listed in a third-party database or online directory that receives information directly from telecommunications providers. The telephone listing must match your organization name and physical address exactly as verified in previous stages.
If your telephone number cannot be found in public directories, it may be verified through third-party databases such as Dun and Bradstreet or through a Legal Opinion Letter that includes your verified contact details.
Stage Seven : Domain Ownership Verification
You must demonstrate control over all domain names to be included on your Extended Validation (EV) SSL Certificate. Domain Control Validation (DCV) is completed using one of three methods : e-mail validation using an approved e-mail address associated with your domain, Domain Name System (DNS) validation by adding a specific CNAME record to your domain's zone, or HTTP/HTTPS file-based validation by placing a validation file on your web server.
Trustico® recommends Domain Name System (DNS) validation as it provides the most reliable method for domain verification. It is important to note that WHOIS-based domain validation is no longer accepted as of June 2025. Explore The Validation Procedure 🔗
Contract Signer and Certificate Approver Verification
Extended Validation (EV) SSL Certificates require verification of the individuals authorised to sign agreements and approve SSL Certificate requests on behalf of your organization. This additional verification step helps ensure that only properly authorised personnel can obtain Extended Validation (EV) SSL Certificates for your organization.
Contract Signer Verification
The person who signs the EV Subscriber Agreement must be verified as an authorised representative of your organization. If the signer's name appears on government registration documents or in third-party databases such as Dun and Bradstreet, no additional verification may be required. If further validation is needed, the Certificate Authority (CA) may contact your Human Resources department or another key person listed within the organization to verify the signer's name, title, and authority to sign on behalf of the organization.
Certificate Approver Verification
The Certificate approver and requester are verified through telephone contact with either Human Resources or the contract signer. Having the contract signer, SSL Certificate approver, and SSL Certificate requester as the same person can help accelerate the validation process.
Final Verification Callback
A telephone callback is made to the verified telephone number of your organization to confirm the authenticity of the Subscriber Agreement signature, the authority of the signer to act on behalf of the organization, that the signer is an employee of the organization, and the signer's title within the organization. An authorised representative must be available to receive this call for the SSL Certificate to be issued.
Required Documents for Extended Validation (EV)
Extended Validation (EV) SSL Certificate orders require the completion of specific documents that must be submitted to the Certificate Authority (CA) for verification.
EV Subscriber Agreement
The EV Subscriber Agreement is accepted when you place your initial Extended Validation (EV) SSL Certificate request. This agreement is separate from general terms of service and establishes the legal relationship between your organization and the Certificate Authority (CA) regarding the Extended Validation (EV) SSL Certificate.
Certificate Request Form
The Certificate Request Form (CRF) is sent to the requester via e-mail with instructions on how to complete the click-through process. This form captures essential information about your organization and the individuals authorised to request and approve SSL Certificates.
Legal Opinion Letter
In certain circumstances, the Certificate Authority (CA) may require a Legal Opinion Letter signed by a licensed attorney, Latin Notary, or Certified Public Accountant (CPA) to verify your organization's legal name, address, operational existence, and authority of the signing personnel. A Legal Opinion Letter may be required for organizations registered for less than three years, when government databases are not accessible, when organization details cannot be verified through standard sources, or when you need to expedite the validation process.
The professional signing the Legal Opinion Letter must have a valid licence in the jurisdiction where your organization is registered or maintains a physical presence. To expedite verification of the letter, it is helpful if the signing professional speaks English so they can confirm their signature during telephone verification with the validation specialist.
Preparing for Extended Validation (EV)
Thorough preparation before placing your Extended Validation (EV) SSL Certificate order can significantly reduce validation time and help ensure a smooth issuance process. The following guidance will help you prepare your organization's information and documentation.
Verify All Business Registrations
Before ordering your Extended Validation (EV) SSL Certificate, confirm that your organization's registration with all relevant government authorities is current, accurate, and in good standing. This includes your primary business registration, any trade name or DBA (Doing Business As) registrations, and professional licences if applicable. Ensure all registration details including business name, address, and registration numbers are accurate and up to date.
Update Third-Party Directory Listings
Ensure your organization is listed in major business directories such as Dun and Bradstreet, Bloomberg, or Hoovers with accurate and complete information. Your listing should include your full legal business name exactly as registered, your physical business address where operations are conducted, and your main business telephone number. Consistent information across all directories makes verification faster and more straightforward.
If your organization is not listed in any business directories, strongly consider creating a Dun and Bradstreet listing before placing your order. This can significantly expedite multiple stages of the Extended Validation (EV) process.
Identify Authorised Personnel
Before placing your order, identify who within your organization will serve as the contract signer, Certificate approver, and Certificate requester. Ensure these individuals are available during business hours to respond to verification requests and telephone callbacks. Having the same person serve in multiple roles can simplify the process.
Prepare Supporting Documentation
If your organization has been registered for less than three years, gather documentation to demonstrate operational existence such as bank statements or Dun and Bradstreet listings. If you anticipate any difficulties with standard verification methods, consider obtaining a Legal Opinion Letter in advance to expedite the process.
Tips for Faster Extended Validation (EV) Issuance
Several factors can help accelerate your Extended Validation (EV) SSL Certificate validation process and reduce the time to issuance.
Use Your Legal Organization Name
Always use your legally registered organization name on the SSL Certificate order, not a trade name or DBA (Doing Business As). If you want to include a trade name on the Certificate, it must be registered with a government agency and will be displayed alongside your legal name.
Use Your Operational Business Address
Provide the physical address where your organization actually conducts business. This address must be verifiable and cannot be a PO Box, virtual office, or mail forwarding service.
Ensure Telephone Accessibility
The verification callback is mandatory and cannot be skipped. Ensure the telephone number provided is actively monitored during business hours and that reception staff are aware they may receive a verification call from the Certificate Authority (CA).
Complete Agreement Forms Accurately
When completing the EV Subscriber Agreement and Certificate Request Form, use your real name and professional title. Do not use generic identifiers such as IT Administrator or Webmaster. Accurate completion of these forms can help expedite the verification process.
Respond Promptly to Requests
If the validation team requests additional information or documentation, respond as quickly as possible. Delays in providing requested information extend the overall validation timeline.
Validation Timeline for Extended Validation (EV)
Extended Validation (EV) SSL Certificates are typically issued within one to five business days, depending on how quickly all verification stages can be completed and the availability of authorised personnel for callbacks. Organizations with accurate, up-to-date information in government databases and third-party directories typically experience faster validation.
The timeline may be extended if additional documentation is required, if there are difficulties verifying organization details through standard sources, or if authorised representatives are unavailable for verification callbacks. Trustico® provides order tracking through your customer account where you can monitor the validation progress and see which stages have been completed. View Our SSL Certificate Order Tracking 🔗
Organizations That Qualify for Extended Validation (EV)
Extended Validation (EV) SSL Certificates are available to legally registered organizations that can demonstrate legal, operational, and physical existence. Eligible organization types include private organizations such as corporations, limited liability companies, and other incorporated entities, government entities including federal, state, and local government bodies and public institutions, and business entities that are non-incorporated but have official government registration.
Extended Validation (EV) SSL Certificates are generally not available to individuals unless they operate as a registered sole proprietor or have a registered small business. Some sole proprietors may qualify depending on their jurisdiction's registration requirements.
Getting Help with Extended Validation (EV)
If you experience any difficulties with the Extended Validation (EV) process or have questions about the requirements, Trustico® support is available to assist you. Our team can provide guidance on preparing your documentation, help resolve validation issues, and liaise with the Certificate Authority (CA) validation team on your behalf.
Trustico® is committed to ensuring your Extended Validation (EV) SSL Certificate is issued efficiently while maintaining the rigorous security standards that make Extended Validation (EV) the highest trust level available. By preparing your information thoroughly, ensuring authorised personnel are available, and responding promptly to any requests for additional information, you can help ensure a smooth and successful validation experience. Explore Trustico® Support Options 🔗
