Validation process for EuropeanSSL EV certificate

1

Create a Certificate Signing Request (CSR).

The Certificate Signing Request, or CSR for short, contains important information such as the host name to be protected or the key length and is normally generated directly on your server together with the PrivateKey. You need the CSR to initiate the order on our website and the PrivateKey to install the certificate on your web server after it has been issued. Never pass the PrivateKey on to third parties, as this could otherwise represent a security risk for visitors to your website. If you are unable to generate the CSR yourself, you can also use the CSR generator on our website.

If you use an IIS, the CSR must be generated on your server. Otherwise, the IIS will not accept the certificate during installation and the certificate will have to be reissued.

2

Order the certificate and verify the ownership of your domain.

You can easily and conveniently place the order on our website. In doing so, specify the CSR generated previously and select the desired validation method. You can choose between three methods for validating a domain-validated certificate:

Validation by e-mail

An e-mail will be sent to one of the following prefixes, which contains a link to confirm the validation. The following prefixes can be used:
- admin@
- administrator@
- hostmaster@
- postmaster@
- webmaster@
Validation via DNS

With this method, a specific CNAME entry must be created in the DNS settings of the domain, which will then be used to validate your domain. You will receive this information from us by e-mail.
Validation by file

For this method, a file must be placed on your web space and be accessible in the browser. You will receive the path and the file from us by e-mail following your order.

After placing your order, you will receive an order confirmation and an e-mail with instructions on how to confirm your domain ownership.

3

Verification of the specified data

In addition to domain validation, an extended validation of the ordering organization is also carried out when a EuropeanSSL EV certificate is ordered. The following validation steps are carried out:

Examination of the physical existence of the company

When checking the physical existence of a company, an entry in a QIIS (Qualified Independent Information Source) is used to check the company name, telephone number and address of your company. The following QIIS can be used.

handelsregister.de (https://www.handelsregister.de/)
upik.de (https://www.upik.de/)
dnb.com (https://www.dnb.com/)
hoovers.com (https://www.hoovers.com/)

If the validation via one of the QIIS does not work, it can be performed by one of the two following methods:

If your company is older than 3 years (important here is the registered date under handelsregister.de (https://www.handelsregister.de/) and your address, which you indicated in your order, with in the commercial register excerpt coincides, the examination can take place on the basis a commercial register excerpt.
If your company is less than 3 years old (important here is the entered date under handelsregister.de (https://www.handelsregister.de/) and not registered in a QIIS, an expert opinion must be submitted by a registered lawyer or a registered tax consultant. A template can be obtained from our support.

Special procedure for sole traders
A special procedure is required for EV certificate orders of a sole trader, as these companies are generally not entered in a public commercial register like handelsregister.de (https://www.handelsregister.de/). Two further documents, the face-to-face document and the template for validation of the identity by a lawyer are required. Please contact our validation department, we will be happy to provide you with these documents and guide you through the additional validation process.

Validation of the phone number

To ensure the authenticity of the order and the requesting/confirming/signing person, a call is made to a verified telephone number. Only a telephone number that is entered in one of the following online registers can be used for this purpose:

Global - https://www.dandb.com/
Global - https://www.hoovers.com/
German / Global- https://www.upik.de
Austria Only - https://www.herold.at
German / Austria - https://www.unternehmensverzeichnis.org
Europe - https://www.bisnode.com/
Spain - https://empresas.informa.es/
Europe - https://www.bvdinfo.com/en-gb/home
Europe - https://www.creditsafe.nl
Germany Business credit and commercial information only - https://www.firmenwissen.de/index.html
France only - https://www.aef.cci.fr/
UK Only - https://www.duedil.com
Sweden - https://www.allabolag.se
Japan - https://cnet.tdb.ne.jp/cnet/ta111p01/ta111pInit.do
Greek - https://www.acci.gr/acci/catalogue/result.jsp
Russian - https://www.spark-interfax.ru/promo/en/sources

The phone number must be entered exactly the same in one of the online registers.

Please send all documents, forms and other information over FAX, postal Service or email to:

EuropeanSSL
c/o EUNETIC GmbH
Draisstraße 1
DE-76448 Durmersheim
Fax: +49 7245 919 585
E-Mail: docs@europeanssl.eu

4

Confirmation of the Subscriber Agreement

The specified contact person will receive an e-mail containing all the validated information. This must then be confirmed.

5

Issue of the certificate

After confirmation of ownership and your organization's data, the order is subjected to a final internal check and the certificate is then issued. You will then receive an e-mail from us to the e-mail address stored in your account. The message will contain a zip file containing both the actual certificate (.crt) and all required root and intermediate files in a .ca file.

If you have any questions or problems with the order or validation process, please do not hesitate to contact our support.

How does the validation of an EV certificate at EuropeanSSL work (extended validation)?