Extended Validation (or EV) certificates are recognized as the highest standard in Internet trust. To fully validate and issue an EV certificate, the purchaser must take several steps, as outlined below.
Important Industry Update (2025): The CA/Browser Forum has approved Ballot SC-081v3, which will reduce SSL/TLS certificate validity periods to 47 days by 2029. This affects all public SSL/TLS certificates, including EV certificates. The changes will be implemented in phases starting in the coming years to enhance certificate security and reduce potential attack windows.
Validation Requirements
In order to verify your EV certificate please submit the three document items listed below through your SSL.com account portal.
- A signed copy of the EV Subscriber agreement
- A signed copy of the EV Authorization Form
- Please choose one of the following items to submit:
- Your company’s Dun & Bradstreet number (also known as a D-U-N-S or Duns number). Using a D-U-N-S number helps SSL.com expedite validation and certificate issuance. Please ensure that your company information in Dun & Bradstreet is correct and up-to-date before using this option. You can enter your D-U-N-S number directly with your Company Details when ordering your certificate:
- A business profile from another Qualified Information Source, such as ZoomInfo, Google Business, or OpenCorporates.
- An attestation letter from a licensed professional (attorney, accountant, or civil-law/Latin notary):
- Your company’s Dun & Bradstreet number (also known as a D-U-N-S or Duns number). Using a D-U-N-S number helps SSL.com expedite validation and certificate issuance. Please ensure that your company information in Dun & Bradstreet is correct and up-to-date before using this option. You can enter your D-U-N-S number directly with your Company Details when ordering your certificate:
A scan of the front of a valid, government-issued photo ID card or passport ID page. The ID number may be obscured, but we must be able to see your name, address, year of birth, and photograph.
A photograph of yourself holding the government-issued ID next to your face so that your face may be compared with the image on the ID. The photograph should be at least 5 megapixels (MP) – most current smartphones can provide an image of 8MP or greater.
For applicants to a Sole Proprietor EV Code Signing Certificate, a signed copy of the EV Sole Proprietor Form has to be submitted.
SSL.com customers purchasing an EV SSL certificate will immediately receive a DV certificate after going through the standard domain validation process. This certificate will serve as a placeholder, allowing you to secure your site immediately. Your EV certificate will be issued as soon as the additional verification steps below are completed and confirmed.
After submitting the above information to SSL.com, our vetting partner will:
-
- Verify the legal existence and identity of the organization by confirming its registration directly with the incorporating or registration authority.
- Verify trade/assumed Name (if necessary)- this is only applicable if the company does business under a name, which is different from the official name of their corporation. The company’s trade name must be registered and verifiable.
- Verify operational existence – Typically, this means confirming that the company has a current active demand deposit account with a regulated financial institution to verify that the company is able to conduct business operations.
- Verify organization contact via a reliable communication method – Confirms the organization can be reached through a trusted, publicly listed communication method (such as a telephone number or email address).
- Verify physical existence – Confirms the organization has a real, physical (non-P.O. Box) address listed in public or official records.
- Verify Domain Ownership via a WHOIS search for a SSL/TLS.
- Verify the name, title, authority, and signature of the person(s) involved in requesting the certificate and agreeing to the terms and conditions.
- If additional documents are required, they can be submitted here:
EV certificate validity: Per the CA/B Forum BRs, individual TLS certificates currently have a maximum lifetime of 398 days (about 13 months). SSL.com can sell multi-year plans, fulfilled as successive certificates revalidated per the BRs/EVGs. The BR-mandated schedule reduces max lifetimes to 200 days (Mar 15, 2026), 100 days (Mar 15, 2027), and 47 days (Mar 15, 2029).
Duration for each EV certificate. We can issue up to:
For SSL/TLS
– 13 months (397 days)
For Code Signing
– 3 years (36 months)
Immediate Site Protection
SSL.com customers purchasing an EV SSL certificate will immediately receive a Domain Validated (DV) certificate after completing the standard domain validation process. This certificate serves as a placeholder to secure your site right away while the extended validation process is completed. Your full EV certificate will be issued upon successful completion of all validation steps outlined above.
Recent Security Enhancements
Multi-Perspective Issuance Corroboration (MPIC): As of March 15, 2025, SSL.com implements MPIC using at least two remote network perspectives for enhanced domain validation security. This additional security measure helps prevent domain validation attacks and ensures stronger certificate integrity, as required by CA/Browser Forum standards.
Enhanced Validation Standards: SSL.com continues to adhere to the CA/Browser Forum Extended Validation Guidelines version 2.0.1 and Baseline Requirements version 2.1.7, ensuring our EV certificates meet the highest industry standards for trust and security.
Video: Validation Requirements for OV, IV, and EV Certificates
