Much like with Organisation Validation, one of the checks during the Extended Validation process is called Organisation Authentication.
What is Organisation Authentication?
The Organisation Authentication requirement is straightforward – This is where the Certificate Authority verifies that your company is a legitimate legal entity that is registered and active in its registered location.
Note: If your organisation operates under any trade names, assumed names or DBA’s, all of that registration information needs to be up to date and accurate as well.
In most cases the Certificate Authority will be able to verify everything via the use of online government databases:
For Australia, that means the Australian Business Register or Australian Securities and Investments Commission (ASIC) .
For New Zealand, that means the New Zealand Companies Office Companies Register .
It’s extremely important that the details listed in the register match the details you put down on the Enrolment Form and CSR or the CA will run into trouble and issuance will be delayed.
If the CA can’t authenticate your organisation using available online resources, you’re not out of luck. There are two other ways to complete the EV Organisation Authentication requirement.
Official Registration Documents
You can provide the CA with official registration documents that were issued by your local government—this includes items like articles of incorporation, chartered licenses or DBA statements. These all show that your organisation is a real business, and that it’s recognized by your local government.
Legal Opinion Letter
You can also get a Legal Opinion Letter, sometimes call a Professional Opinion Letter or POL. This is a document in which an Attorney or Accountant (that is licensed and in good standing with the governing body in your location) vouches for your company’s legitimacy. It carries a lot of weight in the eyes of the CA’s. If your company has in-house legal – this is the most convenient method to earn an Extended Validation SSL Certificate. A POL can be used to satisfy 5 out of the 7 requirements for EV SSL.
- Example Comodo Legal Opinion Letter
- Example GeoTrust Legal Opinion Letter
- Example Symantec Legal Opinion Letter
- Example Thawte Legal Opinion Letter
Either one will satisfy the EV Organisation Authentication requirement.