FAQ Hero
Public Trust & Certificates

What are the
validation methods
for TLS/SSL certificates?

What are the Validation Methods for TLS/SSL Certificates?

There are three levels of validation methods for TLS/SSL certificates. Extended Validation (EV) certificates require 16 methods of identity validation including verifying an organization’s name, status, type, registration number, jurisdiction, operational existence, physical address, phone number, employee contact, domain ownership, blocklist check and fraud check. Organization Validated (OV) certificates require nine validation checks about an organization’s type and status, and Domain Validated certificates only require one domain email verification.

Why are Authentication and Validation so Important?

TLS/SSL certificates are not only used for encryption, they can also show that a Certificate Authority has verified your company. In this way, the certificate also works as verification of your business. When a Certificate Authority issues TLS/SSL certificates easily without verification steps, the internet becomes an unsafe place with high fraud risks. Before DigiCert issues a high assurance certificate, we verify the organizational details of the entity that applied for the certificate. Through this vetting process we build confidence in your customers while making the internet a safer place for everyone.

How can Identity Checks Increase Trust in Digital Certificates?

Identity checks add an extra layer of security for digital certificates, thereby increasing trust in the certificate holder. By verifying the identity of certificate holders, Certificate Authorities (CAs) can confirm that the recipient has rights to the website domain, code or brand logo, for example, depending on the certificate type being issued. Identity checks come in the form of phone calls, in-person meetings, physical address verification, etc.

How do you Look Beyond the Lock in Web Browsers?

Internet users can look beyond the lock by clicking on the padlock icon in the browser URL. Once clicked on, a pop-up box will appear with another option to “Show Certificate” in Safari, click on “Certificate” and details in Google Chrome, and click on the arrow and “More Information” in Firefox. By viewing the details of a TLS/SSL certificate you can verify the domain owner’s identity or organization to ensure you’re visiting an authentic website.

View a step-by-step video here: