The first validation check for an Organisation Validation SSL certificate is called Organisation Authentication. The Certificate Authority (CA) will verify that your organisation is a legitimate legal entity. That may sound like a long and arduous task, but if your company’s registration information is publicly listed and up-to date, it’ll be a breeze.
What is Organisation Authentication?
Organisation Authentication is perhaps the most involved of all the Organisation Validation checks. Basically, the CA just wants to see that your organisation is registered and active within your location. That’s why it’s vital that all of the listed information from your organisation’s registration matches the details that you supplied in your CSR.
Note: If your organisation operates under any trade names, assumed names or DBA’s, all of that registration information needs to be up to date and accurate as well.
The primary way that the CA’s will try to verify this information is by checking online government databases in your local municipality, state or country—whatever government site publicly displays your business entity registration status.
For Australia, that means the Australian Business Register or Australian Securities and Investments Commission (ASIC) .
For New Zealand, that means the New Zealand Companies Office Companies Register .
If the details match up, then you’ll have satisfied this requirement. If not, don’t sweat. There are other methods your CA can use to authenticate your organisation.
Official Registration Documents
You can use the business registration documents that have been issued by your local government to satisfy this requirement. Examples of these types of documents include articles of incorporation, chartered licenses and DBA statements—anything from the government showing your company is a legitimate legal entity.
Dun & Bradstreet
You can use a comprehensive DUNS Credit Report to verify specific details associated with your business entity. In Australia D&B operates as Hoovers. Their credit reports are held in high esteem by the CAs and can be used to satisfy multiple requirements.
D-U-N-S Number Information
Legal Opinion Letter
You can also get a Legal Opinion Letter, sometimes call a Professional Opinion Letter or POL. This is a document in which an Attorney or Accountant (that is licensed and in good standing with the governing body in your location) vouches for your company’s legitimacy. It carries a lot of weight in the eyes of the CA’s. A POL can be used to satisfy 4 out of the 5 requirements for obtaining an OV SSL.
- Example Comodo Legal Opinion Letter
- Example GeoTrust Legal Opinion Letter
- Example Symantec Legal Opinion Letter
- Example Thawte Legal Opinion Letter
Any of these methods will satisfy the Organisation Authentication requirement.