With an Organization Validated (OV) certificate, the Certificate Authority verifies your ownership of the domain name and business registration information before issuing a certificate.
Information about both domain and company will also be listed in the certificate details. For this type of certificate, the HTTPS and a padlock are displayed in the address bar of the end-user’s browser. The company’s information incorporated in the Certificate will be also visible on the Site Seal. An OV certificate can be activated for a legal company name as well as a DBA (Doing Business As), or a Trade Name. It is also possible to apply as an Individual.
Since now Sectigo CA needs to perform manual validation of your business, these certificates can take up to two business days to be issued. This type of certificate is recommended for e-commerce websites where the end-user should be informed about the company they are doing business with.
Once you finish the activation process, an email with a list of the required documents will be sent to you. In order to verify the existence of your organization, Sectigo must be able to find it listed either in an official government database or a third party database such as Dun&Bradstreet. If the address submitted during certificate activation does not match the database record, they may use one of the additional documents for address verification. A full list of paperwork and explanation of the validation process provided by Sectigo Certificate Authority can be found here.
The callback verification is also an obligatory step for this certificate. It is required to verify organizational contact and make sure that applicant is authorized to request an SSL certificate on behalf of the organization. As soon as all documentary validation is complete, Sectigo will send you the callback email to your company official email address, which you provide during the SSL activation. It can also be one of the following generic email addresses as an alternative: email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com. Note that any third-party service email, like @gmail.com, et.c, won't fit even, if it's listed as the Whois email address for the domain.
The callback email contains the instructions on how to receive an automated call to the verified phone number of your organization.
Note: Alternatively, you can use one of generic domain-related email addresses from the following list for the callback: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org.
The template of the callback email is provided below:
To proceed further, please copy the verification code and click here.
The link will take you to the next screen with various options:
To complete the process, you need to do the following:
Once done, you will see a pop-up saying that the callback verification is complete and the certificate will be shortly delivered to the administrative contact email address for the SSL order.
Note: To check the progress status and take action to expedite your certificate issue, use the convenient SSL Validation Tool.
If you have questions regarding the validation process, feel free to submit your request here.
Please refer to the Sectigo Order number in all the correspondence with Sectigo CA. It can be found on the Certificate Details page in your Namecheap account.