SSL: Validation Processes

Domain Validation

With a Domain Validated or DV, certificate the CA verifies that the person applying for an SSL certificate is actually the current  owner of that domain name and has domain rights . You can verify you own a domain name simply by being able to receive and respond to what’s called a Domain-Control-Validation (DCV) email.

DV certs are the easiest and fastest to get. The CA will send an email to the domain email address asking them to verify that they did indeed register for a certificate. Once you respond to that email in the affirmative, the requirement is considered satisfied and the certificate is issued.

Alternative Methods

There are two additional ways to satisfy the Domain Validation requirement.

File-Based Authentication

The CA will provide you with a text file that you will need to upload to the root directory of your website. This will then be verified by the CA via HTTP or HTTPS.


CNAME-Based Authentication (Comodo Only)

Comodo will provide you with two unique hash values (these are MD5 and SHA1). You, in turn, must enter them in your CNAME DNS record. You must use the following format: <MD5 hash>.yourdomain.com CNAME <SHA-1 hash>.comodoca.com. Once this is complete, Comodo will check on it and use it to satisfy the Domain Validation requirement.


Organization Validation

An Organization Validated, or OV, the certificate will display information about your domain name and the registered legal name of your business or organization. Additionally, it will contain the geographical location information for the city, state, and country where your company is registered to do business. We say that OV certs are validated or authenticated at the organization level (rather than just at the domain level).

The CA will send an email to the domain email address asking them to verify that they did indeed register for a certificate. 

Once you respond to that email in the affirmative, the CA will validate your registered business information.

Extended Validation SSL

Extended Validation, or EV, SSL certificates offer the pinnacle of online trust. EV certs take additional business validation steps beyond what’s required of regular OV certs, hence the extended validation moniker.

Fact: Every EV cert is an OV cert but not every OV cert is an EV cert.

EV certs also provide visual trust by way of the “green bar.” All popular web browsers participate in acknowledging that EV certs have gone through rigorous CA validation by turning the browser’s address bar green and displaying the legal name of the company or organization. EV certificates give users instant comfort and trust by way of easy to understand visual cues.

EV Advantages

  • The highest level of trust available today
  • Turns the browser’s address bar green
  • Displays the company or organization behind the domain
  • Lets your site users instantly know you are not a fake phishing site
  • Not much more expensive than a regular OV cert

EV Concerns

  • Requires additional vetting and authentication steps that can seem overwhelming at first
  • Can require a little more time to be completed and issued

TIP: For more information regarding SSL encryption and website security please see our category here. Alternatively please click here to contact our Support Center.

Was this post helpful?