Domain validation provides fast and easy validation. It can be verified by choosing between email verification, hash verification, and DNS verification. Domain validation certificate does not contain business information.
Email Verification
The method of validation using an email address allowed by the certification authority.
for example :
administrator@yourdomain.com
webmaster@yourdomain.com
hostmaster@yourdomain.com
postmaster@yourdomain.com ... etc
HTTP/HTTPS File Verification
HTTP based DCV requires that a HTTP server be running on port 80 or that an HTTPS server be running on port 443 of the Authorization Domain Name that exactly matches the FQDN for which the certificate is requested.
Digicert(Thawte, Geotrust, RapidSSL)
http(s)://(www.)FQDN/.well-known/pki-validation/authfile.txt
Sectigo
http(s)://(www.)FQDN/.well-known/pki-validation/{md5 hash value}.txt
Certum
http(s)://(www.)FQDN/.well-known/pki-validation/certum.txt
* This method cannot be used for validating certificates with Wildcard names.
DNS CNAME or TXT Verification
A CNAME record cannot co-exist with another record for the same name. It's not possible to have both a CNAME and TXT record for www.example.com . A CNAME can point to another CNAME, although this configuration is generally not recommended for performance reasons.
DNS CNAME based DCV requires the creation of a unique CNAME record, pointed back to Sectigo.
We look for the CNAME at every valid Authorization Domain, i.e. we start with the FQDN and then we will strip one or more labels from left to right in the FQDN and will look for the CNAME on each intermediate domain. .
TXT Example
HOSTName Type VALUE
TXT xxxxxaaaaaxxxxxxxxxx_CA_Value
CNAME Example
HOSTName Type VALUE
_ca_host_id CNAME xxxxxaaaaaxxxxxxxxxx_CA_Value
Organization Validation (OV) is a type of SSL certificate validation that provides a higher level of authentication than Domain Validation (DV) but lower than Extended Validation (EV). OV SSL certificates require the certificate authority (CA) to verify the organization's legal and operational existence before issuing the certificate.
To obtain an OV SSL certificate, the organization must provide the CA with several pieces of documentation that demonstrate its legal and operational existence. These documents typically include business registration information, tax documents, and proof of physical address. The CA will verify this information before issuing the certificate, which can take anywhere from a few days to a few weeks.
Legal Business Registration
Once the OV SSL certificate is issued,
it will display the organization's name and location in the certificate details.
For OV, a business registration document is required as a document.
Please submit it to submit@letsbessl.com.
Telephone Verification (OV)
CAs will attempt to find information about your business on an approved
online business directory website(like Yellow page) such as Dun and Bradstreet.
Or CAs will attempt to find contact information that is permissible by third-party.
Final Verification Call (OV)
The CA attempt to verify the certificate order information
and the company by calling the confirmed contact.
Extended Validation (EV) is a type of SSL certificate validation that provides the highest level of authentication and trust for a website. EV SSL certificates require the certificate authority (CA) to perform a thorough and rigorous validation process to verify the legal and operational existence of the organization that owns the website.
To obtain an EV SSL certificate, the organization must provide the CA with a range of documents and information that demonstrate its legal and operational existence. This typically includes business registration documents, tax documents, proof of physical address, and other supporting materials. The CA will perform extensive checks on this information, which can take several days or weeks to complete.
EV SSL certificates are ideal for websites that conduct sensitive transactions or handle sensitive information, such as e-commerce sites, banking and financial institutions, and government agencies. The EV validation process provides an additional layer of assurance and helps to reduce the risk of phishing and other types of online fraud.
Extended Validation (EV)
Domain validation(DV)
Organization Validation(OV)
Extended Validation (EV) TLS/SSL certificates are differentiated by the level of identity checks
they require and protect brands against.