RSS Feed
Knowledgebase : Comodo Certification Authority > Certificates > SSL > SSL Validation FAQs
Comodo recognizes that strong validation is essential for the continuing growth of ecommerce. Before issuing a certificate we validate both that the applicant owns, or has legal right to use, the domain name featured in the application and secondly that the applicant is a legitimate and legally accountable entity. To do this we need to have access to documentation which verifies these two factors. For more details of the need for strong SSL validation
To ensure that our products are both secure and trusted we carry out a two step validation process, which we believe is essential to give our customers, and theirs, confidence in the trustworthiness of their website. A weakly validated certificate risks losing the trust of consumers who rely on such certificates to ensure their personal details are secure. Click for further information on SSL validation
Yes, we will need to validate you ourselves as our criteria for issuing SSL certificates are often more stringent than those of other Certification Authorities.
We accept many forms of documentation, from many countries. To find out what documentation we accept for your country of business go to: http://www.instantssl.com/ssl-certificate-support/validation_guidelines_table.html
We are happy to accept documentation via email, fax or post: Email: docs@comodo.com (Accepted formats: .gif, .jpg, .bmp, .pdf, .efx, .tif.) Fax #: 1-866-831-5837 (US and Canada), +1 801-303-9291 (Other) Post: Comodo Group, 3rd Floor, Office Village, Exchange Quay, Trafford Road, Salford, Greater Manchester, M5 3EQ, United Kingdom.
We take the issue of confidentiality very seriously. All documentation received is kept securely; hard (paper) copies are filed in a secure cabinet and electronic copies are stored on a secure server. Both the secure cabinet and server have restricted access policies in place, which prevents any unauthorised personnel from having access to your documentation. For more information concerning the processes that we need to follow in order to maintain our annual Webtrust certification, please vi...
We keep all provided documentation for 7 years as per our CPS http://www.comodo.com/repository/Comodo_WT_CPS.pdf. After 7 years all stored documentation is destroyed. Paper documentation is shredded and recycled and electronic documentation, which is regularly archived to CD-Rom, is also shredded.
If you order subsequent certificates, through your existing (retail) account, we don't need you to re-send your documentation unless you have changed your account details or the documents are more than 39 months old. If we have any queries, we will contact you via the administrators email address on the account and request documentation if required. If you order subsequent certificates without using your existing account, we will require and request documentation from you.
If you are able to provide documentation from Domains by Proxy to show that you are the actual registrant, we are able to validate and issue your certificate. If you are not able to provide such documentation, as the registrant is "officially" Domains by Proxy, we are not able to validate and issue your certificate.
If we already have a record of your company and domain name(s) in the IdAuthority, the largest company directory on the web, we will be able to expedite your SSL application. In most cases, this means that validation of your application and issuance of your SSL Certificate may only take a few minutes. If we do not already hold sufficient information on your company and domain name(s), or your application data does not completely match the IdAuthority entry for your website, we may require ad...
WHOIS is a TCP-based query/response protocol which is widely used for querying a database in order to determine the owner of a domain name, an IP address, or an autonomous system number on the Internet. The WHOIS system originated as a method that system administrators could use to look up information to contact other IP address or domain name administrators (almost like a "white pages"). Comodo uses WHOIS databases to validate site information for the orders it receives.
A domain name registrar is a company accredited by the Internet Corporation for Assigned Names and Numbers (ICANN) to sell Internet domain names. ICANN has authority over gTLDs, or Generic Top Level Domains. Examples of gTLDs include .com, .net and .org. ICANN does not have authority over ccTLDs, or Country Code Top-Level Domains. Registrars compete with each other to provide the best support and services at the lowest price. A domain registry is database which keeps track of which domain nam...
1. DOMAIN VALIDATED CERTIFICATES (DV) * A - Email Challenge-Response DCV * B - HTTP Based DCV * C - DNS CNAME Based DCV Following completion of one of the elements above the certificate will be signed and released Additional details can be found using the following URL: Methods of Domain Control Verification [https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1367&nav=0,96,1,33] Note that ALL SSL Certificates MUST undergo the above DCV process in addition ...
Generally, in order to be accepted by a browser supplier, a certification authority must meet standards set either by the AICPA/CICA or by ETSI. The AICPA/CICA standard if called 'WebTrust for CAs' and the ETSI standard is called 'ETSI TS 101456 Policy requirements for certification authorities issuing qualified certificates'. These audit schemes impose requirements on the certification authority’s systems, personnel and procedures. But, they don’t prescribe the methods used by the certific...
A domain validated certificate is one in which the validated identifying information contained in the certificate is limited to the domain in which the Web site is located. If one of these certificates validates correctly, then the browser displays the padlock icon.
An organizationally validated certificate is one in which the validated identifying information includes the domain and information about he business entity that operates the Web site, such as its registered business name. Organizationally validated certificates differ from extended validation certificates in that they are not necessarily issued in compliance with the extended validation guidelines. Furthermore, the organizational identifying information they contain does not receive prominent...
An extended validation (EV) certificate is a certificate issued in conformance with the extended validation guidelines. The organizational identifying information receives prominent display in some browsers.
The extended validation guidelines contain a set of requirements on the operations of certification authorities that issue extended validation certificates. These requirements mostly govern the process of validating the identifying information that is to appear in an extended validation certificate. However, they also establish requirements for several other aspects of a certification authority’s operations, including: insurance coverage, revocation services, cryptographic key parameters, pers...
Because there are no generally accepted standards for verifying the organizational information that is contained in some certificates, uncertainty has arisen in users’ minds over the significance of the padlock icon. This confusion has been compounded by the growing practice of Web site operators to display padlock icons within the site contents. Furthermore, the URLs that commonly appear in browser address bars have become obscure and users can no longer use these to assure themselves that th...
To get an update on the status of an SSL order that is awaiting validation please register on our support site. Once you have registered you may either submit an email to docs@comodo.com or you may submit a support ticket to the Validation Docs department. The validation team will then respond with the reason for the delay in issuing or validating the SSL certificate. When submitting an email please submit in the following or similar format: Name: Order #: Domain, IP or private server na...
In order to make changes to your Comodo account information we will require the following: 1. A clearly written request either by fax or a ticket submitted via http://support.comodo.com. Example: Please change the account information associated with order [Insert Order Number] to: [Name of organization or individual] [Street address] [City] [State or Province...
First make sure that you have registered your email address on our support site. Then follow the instructions below: In order to change the email address associated with your Comodo account you will need to send a request from the email currently associated with the account to accountchanges@comodo.com. If you are unable to send from the email address which we currently have on record then the new email address for the account must be at a domain which is currently associated with the a...
PLEASE NOTE:  AS OF 1 NOVEMBER 2015, COMODO WILL NOT ISSUE ANY PUBLICLY TRUSTED CERTIFICATES FOR NON-PUBLICLY REGISTRABLE DOMAIN NAMES OR INTERNAL/PRIVATE IP ADDRESSES.    (a) As of July 1, 2012 (Effective Date), the use of Certificates containing Reserved IP Address or Internal Server Name has been deprecated by the CA / Browser Forum [http://www.cabforum.org] and the practice will be eliminated by October 2016. Also as of the Effective Date, Comodo WILL NOT issue a certificate with an Expiry...
All Comodo certificates MUST pass through DCV (Domain Control Validation) before they are issued. DCV is a mechanism used to prove ownership or control of a registered domain name. There are 3 mechanisms for DCV: * eMail-based DCV (Traditional) You will be sent an email to an administrative contact for your domain. The email will contain a unique validation code and link. Clicking the link and entering the code will prove domain control. Valid email addresses are: Any email address whi...