I completed DCV but the order is not issued (Brand validation)
Before any SSL certificate can be issued, it is required to complete a specific verification process to ensure that the certificate applicant is the real domain owner, and has relation to the applying company in case of OV and
EV. This process usually consists of Domain Control Validation (for all certificates) and business validation (for OV and EV certificates only).
However, there is also an additional verification layer that each certificate application undergoes in the background of the main process. It is called Brand Validation. This is another security mechanism to avoid certificate issuance for malicious purposes.
The system scans the application for matches with specific keywords. The keywords are brand names, common IT terms, terms associated with high-transaction business sites and sites that have a <10.000 Alexa rank. Alexa is the system that evaluates websites in the Internet by their total traffic and the number of unique visitors, putting them into a specific ranking table.
For example, if someone activates a domain validated (DV) certificate for the windows.example.com domain, the windows keyword will trigger Brand Validation, and the order will be, most likely, rejected after Comodo's (now Sectigo) manual review. To avoid this, it is recommended to choose an OV or an EV certificate and to prove one's relation to the Microsoft brand by supplying corresponding documents during company validation.
How to understand that the certificate order was selected for additional Brand Validation.
To check the progress status, use the convenient SSL Validation Tool.
The order with brand validation status will be reflected as follows:
It usually takes about 24-48 hours for such orders to be reviewed and processed by Comodo (now Sectigo). If you see such a status displayed for your SSL order, please contact our SSL Support Team
for the assistance.
: If a brand word (such as "Windows", "Microsoft", any other of the kind) was detected in your certificate common name, and it is a Domain Validation
type of certificate, most likely, the order will be rejected as Comodo (now Sectigo) requires using an Organization Validation
or an Extended Validation
type of certificate in such cases so that the company identity could be verified properly.