Comodo Validation Requirements: Difference between revisions

From Acenet Knowledgebase
Jump to navigation Jump to search
No edit summary
No edit summary
Line 17: Line 17:
Additional details can be found using the following Comodo URL:
Additional details can be found using the following Comodo URL:


[https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=430 Methods of Domain Verification]
[https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1367&nav=0,96,1,33 Methods of Domain Verification]


{{note| Note: All SSL Certificates must undergo the above DV process in addition to any other requirements listed below for OV and EV certificates.}}
{{note| Note: All SSL Certificates must undergo the above DV process in addition to any other requirements listed below for OV and EV certificates.}}

Revision as of 17:03, 27 May 2013


All Comodo certificates must pass through Validation before they are issued. Here are the different types of Validation:

1. Domain Validation (DV)

  • Email Challenge-Response DV
  • DNS CNAME Based DV
  • HTTP Based DV

Following completion of one of the elements above the certificate will be signed and released

Additional details can be found using the following Comodo URL:

Methods of Domain Verification

Note: All SSL Certificates must undergo the above DV process in addition to any other requirements listed below for OV and EV certificates.

2. Organization Validation (OV)

Step 1 – Verify Identity and Address - This can be acquired using the following online resources:


A. If the Applicant is an Organization (corporation, government agency, registered business entity, etc.), Comodo must verify its Identity through one of the following (these may also be used to verify address if it's included):

  • A government agency in the jurisdiction of the Applicant’s legal creation, existence, or recognition
  • A third party database that is periodically updated and considered a Reliable Data Source (see QIIS below)
  • A site visit by the CA or a third party who is acting as an agent for the CA; or
  • An Attestation Letter


QIIS (Qualified Independent Information Source):

http://www.dnb.com/

http://www.hoovers.com/

http://www.whitepages.com/

http://www.companieshouse.gov.uk/ (United Kingdom)

http://world.192.com/ (International)


Comodo may use the following to verify the address provided that identity has been verified as required above:

  • Articles of Incorporation (with address)
  • Government Issued Business License (with address)
  • Copy of a recent company bank statement (you may blacken out the Account Number)
  • Copy of a recent company phone bill
  • Copy of a recent major utility bill of the company (i.e. power bill, water bill, etc.) or current lease agreement for the company


B. If the Applicant is an Individual, Comodo must obtain all of the following:

  • Copy of a valid driver's license or passport of the Applicant
  • Copy of a recent (within the last 6 months) major utility bill (i.e. power bill, water bill, etc.) or bank statement of the Applicant
Note: If the Driver’s License and Passport is not listing any address details or those details do not match with the account, then we need a copy of a valid driver's license or passport of the Applicant and two documents of recent major utility bill (i.e. power bill, water bill, etc.) and/or bank statement of the Applicant.


Step 2 – WHOIS Verification (Registrant company name and address)

Step 3 – DV (Domain Validation)

Step 4 – Callback to a Verified Telephone Number (to verify applicant)


The phone number must be verified via one of the following:

  • Government database (QGIS)
  • Other third party database (QIIS)
  • Verified legal opinion or accountant letter


Once the phone number is verified, Comodo Validation Staff will call the Applicant to verify the authenticity of the certificate request. Following successful completion of the elements above the certificate will be signed and released by Comodo.