What is the vetting procedure when purchasing an SSL?

When you buy an SSL certificate, the issuing authority will perform some checks on you or your business to verify your identity.

This step is important as it’s only by ensuring SSL certificates are issued correctly that the security of the system can be guaranteed. This ensures that your customers can have confidence and trust that you are who you say you are, which in these times, this is a real must-have for your business.

For Domain SSL Certificates, the vetting procedure is generally straightforward and is generally completed without you having to supply any further information.

For Organisation and EV SSL certificates, the vetting procedure is more thorough due to the level of trust provided by these certificates. As part of this process, our partner and certificate issuer Starfield Technologies will attempt to verify the following:

• Proof of your business – you’ll need to be a registered company on the Companies House database for at least 3 years
• Proof of your domain ownership – the domain name you’re applying the SSL certificate for must state your business within the WHOIS records
• Verification call – once this information has been verified, you’ll receive a call from Starfield Technologies to ensure the contact details you provided are correct and accurate. This contact number must be available from a public directory such as Yell.com

Please note: Starfield Technologies’ vetting procedures are compulsory and their ruling in the matter is final.

Furthermore, there is no set timeframe for this procedure, as it works on a case-by-case basis. However, most circumstances should allow the procedure to complete within a few days.