Extended Validation SSL Order Validation FAQ

General Information ID:    INFO1594    Updated:    08/23/2016

Description

Questions:
How do I check my order status?
My order status says, "Your response is required". What does that mean?
Why is my order pending?
How long does the process take?
Can I expedite my order?
How do I sign in to my account?
I just sent you my required documents, have you received them?
What is the Extended Validation Standard?
Who is eligible to receive an EV SSL Certificate?
Why do I need to send a Professional Opinion Letter?
What is Authentication?
How does Symantec authenticate my domain?
Can I add a SAN to my certificate?
What is Verification?
What does verification entail?
I received an email saying you have tried the verification call, can you call me now?
Can I schedule my verification call?
How do I renew my certificate?
Can I renew SSL Certificates and add the Extended Validation?
Why does my renewal have to go through the validation process again?

How long does it take to get a Replacement?
I have revoked and replaced my certificate a few hours ago, and I have not received it.
How can I revoke my certificate
I entered the Purchase Order number during enrollment, why do I need to send in a copy?
How much does a Replacement cost?
When will you charge my credit card?
How to contact Symantec Customer Support: for help with order validation

 

 Answers

How do I check my order status?
You can sign-in to your Symantec Trust Center account at anytime to get the most up to date information on your order. After you have completed buying, renewing, or replacing a certificate, the certificate appears in your Total Certificates list with a status of pending. Select the certificate and view its Status tab to view current order status details and validation progress. Check the status of a pending certificate regularly to see if it has been issued and to make sure you have provided all the information you need to fulfill Symantec's authentication requirements.     ^back to top^

My order status says, "Your response is required". What does that mean?    
If the Status tab includes the alert "Your response is required", review the alert details below and respond immediately to ensure faster processing of your certificate request. If your certificate request requires further action or information on your part, you will also be notified by email and/or telephone. Prompt response to these requests enables swifter processing of your order.    ^back to top^

Why is my order pending?
Symantec begins processing all orders within one business day and your SSL Certificate will be issued once authentication is complete. For the benefit of you and your customers, all certificate orders undergo a stringent authentication process to confirm the legitimacy of the submitted organization and common name. During the validation process Symantec will send you communications on any required actions that need to be completed by you.    ^back to top^

How long does the process take?
When authentication and processing is complete, within an average of 2 business days, the certificate's technical contact will receive an email containing your certificate and instructions for installing it.    ^back to top^

Can I expedite my order?
Authentication for new certificates could take 24 hours or up to several days, depending on the verification information you provide and whether or not your certificates are pre-approved. If you have any questions please contact Customer Support.    ^back to top^

How do I sign in to my account?
If you do not already have a Symantec Trust Center account and sign-in (username and password), you can create your account when you buy, renew, or replace a Symantec SSL Certificate or Trust Seal. To buy, renew, or replace a certificate and get your Symantec Trust Center sign-in, go to http://www.symantec.com/ssl-certificates     ^back to top^

I just sent you my required documents, have you received them?
Our typical turnaround time for processing incoming documentation is 24 hours.    ^back to top^
 

What is the Extended Validation Standard?
In 2006, a group of leading SSL Certificate Authorities (CAs) and browser vendors approved standard practices for certificate validation and display called the Extended Validation Standard. To issue an SSL Certificate that complies with the standard, a CA must adopt the extended certificate validation practice and pass a Webtrust audit. The validation process requires the CA to authenticate the certificate applicant’s domain ownership and organizational identity, as well as the individual approver’s employment with the applicant, and authority to obtain the Extended Validation SSL Certificate. See INFO1595 which outlines our authentication and verification processes.     ^back to top^

Who is eligible to receive an EV SSL Certificate?
The CA/Browser Forum dictates what kinds of entities are eligible to obtain EV Certificates. The following entities are eligible provided they are currently registered with and approved by an official registration agency in their jurisdiction. The resulting charter, certificate, license or equivalent must be verifiable through that registration agency.

  • Government agencies
  • Corporations
  • General partnerships
  • Unincorporated associations
  • Sole proprietorships

The employment and authority of the person placing the certificate order must be verifiable. These business entities need to have a confirmable physical existence and business presence. Any assumed business names should be verifiable. A principal individual associated with the business must be validated and that person must confirm agreement to the certificate subscriber agreement. The entity cannot be located in a country where Symantec is prohibited from doing business or listed on any government prohibited list such an embargo restriction.     ^back to top^

Why do I need to send a Professional Opinion Letter?
In some cases, a professional opinion letter confirming that the requestor has the authority to obtain an SSL Certificate on behalf of the company must be submitted to Symantec. The professional opinion letter also may be used to confirm the organization registration, organization address, telephone number, domain ownership, and that the organization is conducting business. Once confirmed, the requestor may be able to purchase additional SSL Certificates based on the original letter. If a professional opinion letter cannot be obtained, our Certification Practice Statement outlines alternate authentication and verification processes.    ^back to top^
 


What is Authentication?
Symantec authentication confirms:

  • The organization and organizational contact are not listed in U.S. Government denied entity lists.
  • The organization is registered or licensed to conduct business.
  • The organization has a confirmed physical location and telephone number in the jurisdiction of enrollment
  • The organization owns or has the right to use the requested domain.
  • The organizational contact can be verified as an employee of the organization with authority to request the certificate.

^back to top^

How does Symantec authenticate my domain?
Symantec first tries to authenticate the domain listed in your enrollment through publicly available domain name registration information. If we cannot automatically authenticate your domain name control, we require an authorization letter from that domain's owner. This step prevents applicants from fraudulently or accidentally obtaining SSL Certificates for domains that do not belong to them.    ^back to top^

Can I add a SAN to my certificate?
During the enrollment process you can add up to 19 SANS to a certificate order. Once the order is submitted you can add additional SANS by contacting Customer Support to manually add them to your order.     ^back to top^

What is Verification?
During the verification call, Symantec must verify the following with the Organizational Contact: 
 

  • The name of the Certificate Requestor identified in the certificate request and his or her authority to obtain the Extended Validation certificate on behalf of the organization. 
  • Knowledge of the company's ownership and right to use the domain identified in the certificate request. 
  • Approval of the Extended Validation SSL Certificate request. 
  • Acknowledgement of signature of Symantec SSL Certificate Subscriber Agreement that includes all Extended Validation terms and conditions.

^back to top^

What does verification entail?
In order for us to fulfill our verification requirements, Symantec must be able to contact your Organization, and confirm that the Organizational Contact applying for the certificate is an employee of that Organization listed in the order. Symantec will then need to contact the organizational contact directly to confirm their knowledge of the order.   ^back to top^

Symantec must obtain an independently verified telephone number for the organization (e.g. using directory assistance or telephone directories) and calling that number to ensure that we can get through to the Organizational Contact. If we are unsuccessful in obtaining a valid third-party telephone number for the organization, we will send an e-mail to the Organizational Contact with alternate options.  

^back to top^

I received an email saying you have tried the verification call, can you call me now?
If you are currently in the office, you can contact Customer Support to initiate the verification process.   ^back to top^

Can I schedule my verification call?
You can contact Symantec via e-mail, chat, or telephone to schedule the verification call.    ^back to top^
 
How do I renew my certificate?
Go to http://www.symantec.com/ssl-certificates to initiate the renewal process or see KB solution SO1654  for full details and instructions.    ^back to top^


Can I renew SSL Certificates and add the Extended Validation?
When you renew individual SSL Certificates, look for the upgrade to Extended Validation. Due to the additional steps in the verification process, enrollment may take longer than traditional SSL Certificates and the express guarantee for 2-day delivery does not apply. Managed PKI for SSL accounts must be pre-qualified to request Extended Validation SSL Certificates before traditional certificates may be converted to EV. To upgrade SSL Certificates to Extended Validation, contact Symantec sales.
 

Why does my renewal have to go through the validation process again?
For the benefit of you and your customers, all certificate orders undergo a stringent authentication process to confirm the legitimacy of the submitted organization and common name Authentication for additional or renewal certificates could take as little as 1 hour or up to several days, depending on if the information you provide has already been authenticated in past orders. If any information has been updated from a previous order, Symantec will need to re-validate it before issuing.   ^back to top^

How long does it take to get a Replacement?
Replacement certificates with no changes can be initiated by signing into your Symantec Trust Center account. Go to http://www.symantec.com/ssl-certificates, to initiate the process. To qualify as a replacement certificate, the CSR details must be the same as those in the certificate being replaced. In other words, the common name (for example, symantec.com), organization (Symantec, Inc.), locality (Mountain View), state (California), and country (US) must all be the same in both certificates. Replacement with changes will have to be fully validated before issuance.    ^back to top^

I have revoked and replaced my certificate a few hours ago, and I have not received it.
You can sign-in to your Symantec Trust Center account at anytime to get the most up to date information on your order. If your replacement contains any changes in the CSR or order contacts Symantec will need to will need to re-validate it before issuing.    ^back to top^

Revocation
If the security of your certificate has been compromised, you should revoke it immediately. If you need to revoke a certificate for any reason, please see INFO180 for full instructions. Revoking a certificate will completely disable it and make it unusable. Important: There is no way to recover a revoked certificate.    ^back to top^

I entered the Purchase Order number during enrollment, why do I need to send in a copy?
We must review a copy of the purchase order, this ensures that all payment terms and billing information is correct.    ^back to top^

How much does a Replacement cost?
Symantec offers replacements free of charge for the life of the certificate, when no changes are made to the CSR information. Replacements with new information much be re-validated and are free of charge for the first 30 days of the certificate term.    ^back to top^

When will you charge my credit card?
We will charge your credit card for the full order amount 24 hours after order approval and issuance. If the certificate is not approved, we will notify you and you will not be billed.    ^back to top^

How to contact Symantec Customer Support: for help with order validation     ^back to top^

Americas:
Telephone: 1-877-438-8776 or 1-520-477-3102
E-mail: auth_support@symantec.com
Chat: go.symantec.com/login 

Australia and Asia Pacific:
Telephone: +61 3 9674 5500
E-mail: auth_support_apac@symantec.com
Chat: go.symantec.com/login-au

Europe, Middle East, and Africa:
Telephone: +41 26 429 7729
E-mail: auth_support_emea@symantec.com
Chat: go.symantec.com/login-ch 


 

Contact Support

Find Answers