Domain Verification

The next requirement for Organization Validated SSL is Domain Verification. This is where the Certificate Authority (CA) will attempt to verify that your organization owns the domain in question.

What is Domain Verification?

To satisfy the Domain Verification requirement you need to prove that your organization owns the domain that was registered for.

There are several ways to do this, but the CA is going to start by looking at the WHOIS registry. WHOIS, is an internet database that stores domain registrar information. For this approach to work the record must be publically available, and the record must display the verified business name with corporate identifier (if applicable) along with the physical address.

If the WHOIS registry is publically available and checks out against the information you supplied during enrollment, then you've cleared this requirement.

If not, there are three other ways to satisfy the Domain Verification requirement.

Alternative Methods

Additional ways to satisfy this requirement include:

  • Updating your WHOIS Record – If the details in your WHOIS record are outdated or incorrect, or if a privacy setting is enabled, you can update the record and request that the CA check your WHOIS details again.
  • Proof of Right Email – The CA can also use email to verify domain ownership. An email can be sent to the address on the WHOIS record, or it can be sent to one of five pre-approved email addresses:
  • Legal Opinion Letter – If your details can't be seen or updated, you can also have an attorney or an accountant (who must be in good standing) sign a letter verifying your ownership of the domain. This is called a Legal Opinion Letter (also known as a Professional Opinion Letter or POL). While obtaining a POL can be a pain, it's usefulness is undeniable—it can be used to satisfy four of the five OV requirements.

All of these methods will satisfy the Domain Verification requirement.