Skip To Main Content
Trustzone Logo

Certificates

    Solutions

      Join our Newsletter

      Contact Us

      FAQ: Validation and Verification

      This FAQ is to help you with any questions you may have regarding the approval procedure you have to go through after ordering a certificate from TRUSTZONE.

      This FAQ is to help you with any questions you may have regarding the approval procedure you have to go through after ordering a certificate from TRUSTZONE.


      What is a certificate approval?

      When you order your digital certificate, you must go through a thorough review, in which your domain and company etc. are checked. This approval process is also referred to as ‘vetting’. The areas of validation depend on the particular digital certificate you have ordered.

      What is the procedure for certificate approval?

      TRUSTZONE’s in-house Vetting team review your certificate order and obtain the necessary information from you. The approved certificate will then be issued.

      Why do I need to go through this process?

      The procedure of certificate approval (or vetting) ensures that digital certificates are issued only to owners, email addresses, and websites, which can be verified. That means it is an important security process for you. There are different levels and procedures for the various digital certificates.

      Vetting is particularly important when it comes to avoiding the issue of certificates to websites aimed at phishing.

      How do I obtain approval for a Business SSL certificate and a Business SSL Wildcard?

      TRUSTZONE checks that the organisation entered in the Organisation field (O) is registered in the national company register or a qualified directory.

      We then make sure that the Location (L), State (S), and Country (C) fields are verified in relation to the registration of the organisation.

      We then ask for domain control (verification of your domain) by means of one of the following methods:

      • Approval via email
      • Upload TXT in DNS
      • HTML file on your domain under ‘/.well-known/pki-validation’

      TRUSTZONE makes a confirmation call to a registered phone number belonging to the organisation. This will be checked in our approved sources.

      For security reasons, TRUSTZONE cannot call a number that has not been verified in accordance with CA/Browser Forum’s regulations.


      How do I obtain approval for an EV SSL certificate?

      For an EV SSL certificate, the first four steps of the procedure are the same as for a Business SSL certificate.

      TRUSTZONE checks that the organisation entered in the Organisation field (O) is registered in the national company register or a qualified directory.

      We then make sure that the Location (L), State (S), and Country (C) fields are verified in relation to the registration of the organisation.

      We then ask for domain control (verification of your domain) by means of one of the following methods:

      • Approval via email
      • Upload TXT in DNS
      • HTML file on your domain under ‘/.well-known/pki-validation’

      TRUSTZONE makes a confirmation call to a registered phone number belonging to the organisation. This will be checked in our approved sources.

      For security reasons, TRUSTZONE cannot call a number that has not been verified in accordance with the CA/Browser Forum’s regulations.

      Additional control for EV SSL certificates:  For jurisdiction, the registration number and country must be consistent with the national company register.

      EV SSL requires a so-called ‘Requester’, who must sign an application form.  This can be an external person.

      EV SSL requires an ’Approver’ to approve the order.  This can be an external person.

      EV SSL requires a so-called ‘Signer’ to sign a ’Subscriber Agreement’. If this person is external, there must be approval from the CEO.

      We also make confirmation calls to the ‘Approver’ and the ‘Signer’.  In addition, we must have confirmation of the appointment of the ‘Signer’ from another member of staff in the organisation. TRUSTZONE’s recommendation is for the Requester, Approver, and Signer to be one and the same person if the process is to be as quick and smooth as possible.


      How do I obtain approval for a Standard Code Signing certificate?

      TRUSTZONE checks that the organisation entered in the Organisation field (O) is registered in the national company register or a qualified directory.

      We then make sure that the Location (L), State (S), and Country (C) fields are verified in relation to the registration of the organisation.

      Nordic countries require Location and/or State. German and Austrian orders require both Location and State. Swiss orders require at least State.

      We make a confirmation call to a registered phone number belonging to the organisation.  This will be checked in our approved sources.  For security reasons, TRUSTZONE cannot call a number that has not been verified in accordance with the CA/Browser Forum’s regulations.

      If you include an email in the certificate, please note that the approval email will be sent to this email and must be approved before the certificate can be issued.

      When installing the Standard Code Signing Certificate you must use a USB token, which TRUSTZONE will send you.

      How do I obtain approval for an EV Code Signing certificate?

      For an EV Code Signing certificate, the first four steps of the procedure are the same as for a Standard Code Signing Certificate.

      TRUSTZONE checks that the organisation entered in the Organisation field (O) is registered in the national company register or a qualified directory.

      We then make sure that the Location (L), State (S), and Country (C) fields are verified in relation to the registration of the organisation.

      Nordic countries require Location and/or State. German and Austrian orders require both Location and State. Swiss orders require at least State.

      We make a confirmation call to a registered phone number belonging to the organisation.  This will be checked in our approved sources.  For security reasons, TRUSTZONE cannot call a number that has not been verified in accordance with the CA/Browser Forum’s regulations.

      If you include an email in the certificate, please note that the approval email will be sent to this email and must be approved before the certificate can be issued.

      Additional control for EV Code Signing certificate: For jurisdiction, the registration number and country must be consistent with the national company register. Please note that for Nordic countries the ’Location’ and ‘State’ jurisdiction should be left blank.

      EV Code Signing requires a so-called ‘Requester’, who must sign an application form.  This can be an external person.

      EV Code Signing requires an ‘Approver’ to approve the order.  This can be an external person.

      EV Code Signing requires a so-called ‘Signer’ to sign a ’Subscriber Agreement’.  If this person is external, there must be approval from the CEO.

      For an EV Code Signing the company must be more than 3 years old. If the company is less than 3 years old, we need a copy of the personal ID of the ‘Requester’.

      We also make confirmation calls to the ‘Approver’ and the ‘Signer’.  In addition, we must have confirmation of the appointment of the ‘Signer’ from another member of staff in the organisation.

      When installing the EV Code Signing Certificate you must use a USB token, which TRUSTZONE will send you.

      How do I obtain approval for a PersonalSign Express certificate?

      For a PersonalSign Express certificate, you will receive an approval email, which you must approve. You will then receive a link, where you can download your certificate.

      How do I obtain approval for a PersonalSign Business certificate?

      With a PersonalSign Business certificate, you can be authenticated as an employee in your organisation. Thus, the approval procedure involves verification of your employment in the company.

      TRUSTZONE checks that the organisation entered in the Organisation field (O) is registered in the national company register or a qualified directory.

      We then make sure that the Location (L), State (S), and Country (C) fields are verified in relation to the registration of the organisation.

      Nordic countries require Location and/or State. German and Austrian orders require both Location and State. Swiss orders require at least State.

      TRUSTZONE also makes a confirmation call to a registered phone number belonging to the organisation to confirm the existence of the member of staff who has ordered the certificate and approval of the order. The phone number will be checked in our approved sources. For security reasons, TRUSTZONE cannot call a number that has not been verified in accordance with the CA/Browser Forum’s regulations.

      • If you include an email in the certificate, please note that the approval email will be sent to this email and must be approved before the certificate can be issued.

      How do I obtain approval for a PersonalSign Department certificate?

      A PersonalSign Department certificate enables a department in your company to be authenticated. Accordingly, the approval procedure involves a verification of the department’s existence.

      TRUSTZONE checks that the organisation entered in the Organisation field (O) is registered in the national company register or a qualified directory.

      We then make sure that the Location (L), State (S), and Country (C) fields are verified in relation to the registration of the organisation.

      Nordic countries require Location and/or State. German and Austrian orders require both Location and State. Swiss orders require at least State.

      TRUSTZONE also makes a confirmation call to a registered phone number belonging to the organisation to confirm the existence of the department and the member of staff who has ordered the certificate and approval of the order. The phone number will be checked in our approved sources. For security reasons, TRUSTZONE cannot call a number that has not been verified in accordance with the CA/Browser Forum’s regulations.

      If you include an email in the certificate, please note that the approval email will be sent to this email and must be approved before the certificate can be issued.


      How do I obtain approval for an Adobe PDF Document Signing certificate?

      TRUSTZONE checks that the organisation entered in the Organisation field (O) is registered in the national company register or a qualified directory.

      We then make sure that the Location (L), State (S), and Country (C) fields are verified in relation to the registration of the organisation.

      Nordic countries require Location and/or State. German and Austrian orders require both Location and State. Swiss orders require at least State.

      TRUSTZONE also makes a confirmation call to a registered phone number belonging to the organisation to confirm the existence of the member of staff who has ordered the certificate and approval of the order. The phone number will be checked in our approved sources. For security reasons, TRUSTZONE cannot call a number that has not been verified in accordance with the CA/Browser Forum’s regulations.

      If you include an email in the certificate, please note that the approval email will be sent to this email and must be approved before the certificate can be issued. When installing the Adobe PDF Document Signing Certificate you must use a USB token, which TRUSTZONE will send you.

      Contact us for additional requirements if the certificate only applies to an individual person.

      What are the requirements for creating a Managed SSL account?

      TRUSTZONE checks that the organisation applying for the account is registered in the national company register or a qualified directory.

      We make sure that the organisation’s address is verified in relation to the registration of the organisation.

      We then ask for domain control (verification of your domain) by means of one of the following methods.

      • Approval via email
      • Upload TXT in DNS
      • HTML file on your domain under ‘/.well-known/pki-validation’

      TRUSTZONE makes a confirmation call to a registered phone number belonging to the organisation.  This will be checked in our approved sources.  For security reasons, TRUSTZONE cannot call a number that has not been verified in accordance with the CA/Browser Forum’s regulations.

      If you have an active Managed SSL it is possible to auto-validate a Business SSL certificate for faster activation of the certificate on the domain. If you need to add EV SSL certificates to your Managed SSL profile, these must be subjected to a manual validation procedure.

      Why is my Express SSL certificate suspected of phishing?

      TRUSTZONE’s partner, GlobalSign has a system for monitoring phishing. The phishing check means extra security for you because it ensures that your domain and certificate are credible.

      The phishing check can happen at 3 levels:

      • A word or combination of words included in our filter
      • A registered phishing website
      • Malware found on the site

      TRUSTZONE will run a manual check of the domain and, if necessary, we will contact you for further information.

      TRUSTZONE may be obliged to validate the order as if it were a Business SSL Certificate.

      Note that the domain can still be caught in phishing for other orders on the same domain. In most cases, we will be able to carry out the phishing check quickly, if we have previously validated the domain.

      Jon Tittmann

      Vetting/Support Team Lead & OpEx

      Jon has been an integral part of TRUSTZONE for the past six years, during which he has acquired substantial expertise in the cyber security field. As the team leader for our support team, he possesses a profound understanding of the sector, enabling him to resolve even the most complex challenges within the certificate industry effectively.

      Follow us

      Submit Your Technical Queries Here for Expert Assistance!

      We will contact you as soon as possible.

      Please enter your details below.