After you request or renew your SSL certificate, DigiCert is required to verify that you control the domain(s) that you are requesting the certificate for. The verification process depends on the type of certificate and the type of web server you have. For instance, with extended and Organization Validation certificates DigiCert also needs to verify your identity and that you are eligible for that type of certificate.
We try to complete the verification with information we already have or with information we can get from third parties. If there is additional information needed, a member of our verification team will reach out and tell you what they need to approve your certificate request.
Standard Certificate (most common)
To approve your standard certificate request, DigiCert must verify that you control the domain name the certificate is requested for.
If your SSL certificate is in the same Cloud Sprout account as the domains listed on the request, you don’t need to prove that you control the domain. We do that for you and will let you know when the certificate is ready.
If your SSL certificate is in a different account than the domain(s) on the request, we will use one of these methods to verify you control the domain(s).
After you request or renew your SSL, we’ll send a verification link to a list of email addresses on the domain(s). The email address must be one of the following: admin@, administrator@, hostmaster@, postmaster@, or webmaster@. If you don’t have one of these set up already, create one and we’ll send you the link within 24 hours. Clicking on the link included in the email proves you have domain control.
If your SSL certificate is not in the same account as your domain(s) and you cannot set up an email address on the domain(s), you need to verify you control the domain via DNS or HTML. For information on that process, see Verify domain ownership (DNS or HTML) for my SSL certificate.
After you complete one of the domain control validation options, your certificate will be issued within one business day. Keep in mind that manual verification processes are dependent on you completing the task. The certificate will not be issued until you prove that you have control of the domain(s).
Organization Validation Certificate
After you request an Organization Validation certificate, our support team will help you:
Prove you control the domain(s)
Prove your identity and eligibility for an Organization Validation Certificate
If your SSL certificate is in the same Cloud Sprout account as the domains on the request, you don’t need to prove that you control the domain(s). We do that for you and DigiCert will let you know when the certificate is ready.
If your SSL certificate is in a different account than the domain(s) on the request, we will use one of these methods to verify you control the domain(s).
After you request your SSL, we’ll send a verification link to a list of email addresses on the domain(s). The email address must be one of the following: admin@, administrator@, hostmaster@, postmaster@, or webmaster@. If you don’t have one of these set up already, create one and we’ll send you the link within 24 hours. Clicking the link included in the email proves you have domain control.
If your SSL certificate is not in the same account as your domain(s) and you cannot set up an email address on the domain(s), you need to verify you control the domain via DNS or HTML. For information on that process, see Verify domain ownership (DNS or HTML) for my SSL certificate.
Prove your identity and eligibility for an Organization Validation Certificate by sending documents containing the following information:
Yours or the organization's name
Address
Telephone number (which we call before issuing your certificate)
Which documents we accept depends on whether the certificate is being issued to an individual or an organization. Our support team will tell you which documents they need for your certificate.
Documentation requests may include:
For Individuals
Government-issued photo ID
Utility bill, or bank or credit card statement that displays address and phone number
For Organizations
Business license
Sales & Use Tax certificate (neither the number or the Federal Employment Identification Number (FEIN) alone are acceptable)
"Doing Business As" (DBA) documentation
Fictitious-name documentation
Occupational Tax Certificate/License
Non-profit organization tax exemption certificate
Articles of Incorporation
Utility bill, or bank or credit card statement that displays address and phone number
A letter of attestation from an attorney or CPA
Extended Validation Certificate
After you request an Extended Validation certificate, our support team will help you:
Prove you control the domain(s)
Prove your identity and eligibility for an Extended Validation Certificate
If your SSL certificate is in the same Cloud Sprout account as the domains on the request, you don’t need to prove that you control the domain(s). We do that for you and DigiCert will let you know when the certificate is ready.
If your SSL certificate is in a different account than the domain(s) on the request, we will use one of these methods to verify you control the domain(s).
After you request your SSL, we’ll send a verification link to a list of email addresses on the domain(s). The email address must be one of the following: admin@, administrator@, hostmaster@, postmaster@, or webmaster@. If you don’t have one of these set up already, create one and we’ll send you the link within 24 hours. Clicking the link included in the email proves you have domain control.
If your SSL certificate is not in the same account as your domain(s) and you cannot set up an email address on the domain(s), you need to verify you control the domain via DNS or HTML. For information on that process, see Verify domain ownership (DNS or HTML) for my SSL certificate.
Prove your identity and eligibility for an Extended Validation Certificate by sending documents containing the following information:
Yours or the organization's name
Address
Telephone number (which we call before issuing your certificate)
Which documents we accept depends on whether the certificate is being issued to an individual or an organization. Our support team will tell you which documents they need for your certificate.
Documentation requests may include:
Business license
"Doing Business As" (DBA) documentation
Fictitious-name documentation
Articles of Incorporation
Certificate request signed by certificate requestor and certificate approver
Signed contact agreement for all initial requests and changes to authorized signer
Notarized personal statement attestation (for non-LLC or Inc. businesses)
Notarized face-to-face attestation statement (for non-LLC or Inc. businesses)
Notarized copy of the photo ID used for identity validation (for non-LLC or Inc. businesses)
Verified legal opinion or certified public accountant letter, depending on results from other validation methods
