For DigiCert Premium S/MIME Certificate orders, industry standards require DigiCert to validate the organization included in your certificate request before we can issue your certificate.
The validation process is required to:
- Verify the legal existence of the organization and make sure it is in good standing
- Verify the legal physical address for the organization
- Prove your domain ownership
- Confirm your authority to order a certificate for the organization
To verify your organization's existence and status, DigiCert checks corporate registries, such as local government registration records, Dun & Bradstreet, and Business Profile on Google. We also check for history with fraud or phishing, and also whether your organization is in government restricted entities or anti-terrorism databases.
Most of the organization verification work is done by DigiCert, we generally ask for very little help from you. However, a DigiCert validation agent may reach out to you for an acceptable document to help DigiCert confirm your organization is a legally and lawfully formed organization.
To prove your domain ownership, there are two options:
- Email Verification: DigiCert sends an email with a verification link to five constructed email addresses for the domain: admin, administrator, webmaster, hostmaster, and postmaster @[domain_name].
- DNS Verification: Add a DigiCert generated token to the domain's DNS as a TXT record.
To confirm your authority to order certificates for the organization, DigiCert must first find a verified, publicly listed organization phone number. Next, DigiCert uses the verified phone number to speak with someone who represents the organization, such as an organization or technical contact, to verify your authority to request a certificate for the organization. DigiCert can also speak to you, the certificate requestor, if another representative is unavailable.