Your SSL.com Account – Validations

The Validations page is where you can manage any validation actions required for your SSL.com certificate orders. This document, part of our portal documentation, is a guide to using the Validations page. (You may refer to our documentation for any additional information on other features or pages you might have questions for.)

If you haven’t performed any validations before, please read the introduction to the Validations page interface, or skip ahead to the appendix section first for more information on how validations work. If you feel at ease with SSL.com’s validation process please feel free to skip ahead to the section of your interest using the links below:

Introduction to the Interface

The Validations page allows you to manage any outstanding validations associated with your certificate orders. Clicking the Validations tab will show you an overview of the pending validations. You may use the search bar to find a specific order by Subject or reference number (shown under certificate #), or look for it in the list.

Each list item represents a pending validation that is associated with one of your certificate orders. The interface will present you with the Validation Status and the next Action you should take to continue the validation process.

Right below each Subject, list items contain four links; the open link will expand or minimize the item, while the details link will redirect your browser to the certificate order details. documents will focus the validation documents section shown in the list item above, and finally the seal link will redirect your browser to the site seal management page.

You can also find the details of the certificate this validation pertains to, such as the certificate type or validation level. This information is valuable when you have to manage several outstanding validations at once.

Below the certificate details, there is a section listing the attached validation documents (if any), also allowing you an easy shortcut if you wish to quickly upload additional documents.

Finally, the portal provides you with the option to perform the validation over the phone via our Callback URLs. Please check the callback section for information on this feature.

Context-Specific Actions

The Validations page is a smart way of keeping track of what you need to do to let us validate your information, and issue your certificate, as quickly as possible. We understand that navigating the portal trying to find the next step in the validation process, or where to upload your information, can be quite frustrating, especially if you have to perform validations for several certificates at once.

For this reason, each pending validation appears in the Validations page as a list item, which only presents you with the next action that you have to do in order to move that validation forward.

For example, a pending validation for a DV certificate only requires you to perform domain control validation. As a result, such a list item will ask you to perform the domain control validation as the next available action.

In contrast, a pending validation for a code signing certificate (which is an OV certificate) requires that you provide us with identifying information before we can issue a certificate for you. Hence, the Validations page will ask you to upload the necessary documents instead of performing a domain validation.

In cases where you wish SSL.com to issue higher-assurance certificates, such as our Premium or EV SAN certificates which require multiple actions on your part, the Validations page will guide you through all the steps in the correct order. Following the steps for a validation is similar to following an installation wizard in Windows.

Note: If you encounter a case where a validation process is not moving along when it should have been, please don’t hesitate to drop us an email at support@ssl.com and an expert will help you with any issues.

 

Uploading Documents

One of the most common actions for validations is uploading identifying documents. You can find more details on how validation documentation works in the appendix section; however, you only have to learn it once. After the first few times you will get familiar with the interface and validations will not be an issue.

When presented with the option to upload documents for a pending validation, you can either click the upload documents link in the Action column, or click the UPLOAD DOCUMENT(S) icon in the Validations (and Orders) page.

Either action will redirect your browser to a page where you can upload documents. As you can see on the top of the following image, validation – or more specifically uploading identifying documents – is part of the process of ordering a certificate.

The Validations page (as with most of SSL.com’s portal pages) allows you to abandon a certificate order at any step and return back to it when you are more prepared to complete it (e.g. when you have the validation documentation in hand, or you have confirmed the domains a certificate will be issued for).

Apart from the current step of the ordering process, this page also shows you the reference number of the certificate order this validation is associated with.

Tip: Always check the reference number to make sure you are performing the validation for the correct certificate order in order to avoid unnecessary delays.

As you may have already noticed, there are two buttons on this page (shown in red outlines) that allow you to select a file from your computer. This is done in order to allow you to easily perform single or batch uploads.

The first Browse button allows you to select one document from your computer, while the second Browse button allows you to select (remember to Ctrl+click) up to five files. The second button will also accept zipped documents. This feature is really useful when you have to manage multiple pending validations and you need to keep track of the documents for each page. Being able to archive all required documents in a single ZIP file can help a lot with book-keeping.

After having selected your files, click Submit to perform the upload. When this process is complete, your browser will be redirected to the next step for your order.

In case you are not required to upload any documents for a certificate order, you can move on by clicking Skip.

Callbacks

A common method to perform CA validations is over the phone. SSL.com’s customer account portal can provide you with a callback URL that you can click on your phone and our support agents will contact you. You can then proceed to perform the validation process normally without any additional charges.

Note: This process is mandatory for OV and EV certificates, however you only need to perform this once

Please note that we will only issue a callback URL for customers that have verified their contact details. You can do this by clicking on the details link in the pending validations list.

In the details page, please look for the registrant section and click edit registrant to add your contact details.

Clicking this link will redirect your browser to a page in which you can enter (or update if you’ve created them before) your (the registrant’s) contact details.

You can enable Save to Identity Manager to store this information in the portal, and you will only have to select this identity from the drop-down list in this form, instead of re-typing all the information.

After you are happy with the contact information, you may click Next (at the bottom of the page) to proceed with managing the validation’s contacts.

On this page, you may select any contact from the list of available contacts to be the validation contact for a certificate order. To appoint a contact as a validation contact please make sure that they have the Validation check-box enabled, and click the Add button. You will see the contact appear in the upper list as a selected contact.

You may edit any contact, at any point, by clicking the Edit button or create a new one via the large Create Contact button. Each change can be saved into the portal’s Contacts Manager and be preserved until you need to use the saved contact again.

When you are satisfied with your selected contacts, click Next to complete the process. You will be informed of your changes by a green banner.

If you now return to the Validations page and click perform callback, you will be greeted by a dialog box where you can add the email addresses that you wish to receive the validation callback URL.

Type the email addresses (separated by a space or a newline) and click Send. A callback link should arrive at the email addresses you just provided. Click the callback link and follow the instructions until your phone rings. For more information, and a step-by-step example of how validation callbacks work, please read our how-to for OV callbacks.

Note: If nothing happens when you click a callback link, please make sure that you have verified your contact phone number. If you’ve already done this and the callback still does not work, please contact us at support@ssl.com.

Appendix: Identity Validation in Certificates

Buying a certificate is a multi-step process, including steps such as submitting the information the certificate will contain and selecting the certificate’s assurance level or validity period.

Browsers and Operating Systems require publicly trusted CAs (that’s us) to validate the applicants’ (that’s you in PKI jargon) identity information before issuing any certificates for them. This level of identity validation affects the assurance level of the final end-entity certificate.

More specifically, the complexity of the validation the CA performs increases in proportion to the end entity certificate’s assurance level. Certificates can be:

  1. Domain validated (DV), such as our Basic SSL certificates.
  2. Organization validated (OV), such as our Multi-Domain or Wild-Card certificates.
  3. Extended validated (EV), such as our Enterprise EV SAN certificates.

DV certificates require the CA to validate that the applicant indeed has control over the server they requested a certificate for. There are multiple methods for an applicant to reassure the CA that they own the server, and an introduction to the most widely used of those methods can be found in our domain validation guide.

OV is the next assurance level after DV, which requires the applicant to additionally provide official identity documents, such as government ID documents or publicly available (i.e. independently verifiable) business licenses.

Finally, EV – the highest available assurance level – requires the applicant to perform domain control and organization validation in addition to submitting a filled-out EV authorization form. This form asks for official business information which will be manually vetted by two independent agents to confirm the applicant’s identity.

To see the technical requirements for each validation level, please refer to our requirements page here.

If you’re unsure about which certificate best suits your needs, we totally understand; please take a look at our article walking you through this decision.

We are always happy to listen to our customers! For more questions or for help with an issue, please feel free to drop us an email at support@ssl.com and an expert will find a solution for you. You can also call us at 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page.