Skip to main content
Skip table of contents

Premium EV SSL Set-Up Guide

This guide will walk you through the process and vigorous validation process for Extended Validation SSL Certificates. Please read through this guide carefully and familiarize yourself with the information required to pass validation. If validation fails you will need to start the entire process over.

What is Extended Validation?

Extended Validation (or EV) SSL Certificates are the highest business level validation for establishing encryption to websites and internal systems.

The primary purpose of an EV Certificate is to identify the legal entity that controls a website, and enable encrypted communications with a website. The secondary purpose is to help establish the legitimacy of a business claiming to operate a website or distribute executable code. By providing a more reliable third-party verified identity that address information regarding the business, EV Certificates may help prevent problems related to phishing, malware, and other forms of online identity fraud.

How do I generate my CSR?

The CSR is like the blueprint for an SSL. It contains basic information for the SSL you are requesting such as the domain(s) submitted with the order. Uploading your CSR is one of the first steps in the process of creating your SSL.

  1. Login to your account at https://my.101domain.com
  2. Click on the Websites, Email & Security tab
  3. Select your SSL Certificate
  4. Click on the Reconfigure CSR button
  5. Upload your Certificate Signing Request (CRS) or paste your CSR code (this will be generated by your hosting service or from your system admin).

What are the steps for EV Validation?

Extended Validation requires multiple steps in which the Certificate Authority (CA) verifies the company or organization applying for the certificate in a multi-step process.

Step 1: Sign the Subscriber Agreement & Certificate Enrollment Forms

Agree to the CA’s terms. Simply sign the Subscriber Agreement & the Certificate Enrollment Forms and submit directly to the CA.

Recommended method: Submit forms online – you will receive an email containing a link to complete & submit forms online.

Alternative method: Email paper versions to the CA – complete and submit via email paper versions to evdocs@Sectigo.com or fax: 1-866-831-5837 (US) or 1-801-303-9291 (Int’l).

Step 2: Organization Authentication

The CA will verify that your business is real. Your legal entity name must be registered and active within your country/state and match your enrollment. If using a trade name, assumed name or DBA; make sure all fictitious registration filings are also up-to-date (additional documentation may be required to verify the Sole Owners identity).

Recommended method: Online Government Database – The CA looks at the official website of your country/state that publicly displays your business entity registration status. Everything must match enrollment details exactly.

Alternative method: Official Registration Documents – Submit business registration documents (i.e. Articles of Inc., Chartered License, DBA Statement) that were issued from your local government.

Step 3: Operational Existence

The CA must verify if your legal entity has been operational for 3 or more years.

Step 4: Physical Address

Your legal entity must have an established physical presence in the registered country/state. The CA must verify the street address, city, state & country. PO Boxes are not accepted!

Step 5: Telephone Verification

You must have an active telephone phone number listing verifiable by accepted telephone directories online. Listing must display the EXACT same verified business name with corporate identifier (i.e. Inc., LLC) and physical address. 

Step 6: Employment Verification

The CA must verify you are a full-time employee of the entity and have authorization to obtain a security product for this domain.

For steps 2-6:

Recommended method: Online Government Database – The CA looks at the official website of your country/state that publicly displays your business entity information:

  • Registration status (step 2)
  • Incorporation date (step 3)
  • Physical address (step 4)
  • Telephone number (step 5)
  • Company officer/executives (step 6)

Everything must match enrollment details exactly.

Alternative method: As an alternative method, verification of items 2-6 can be completed using a letter from a CPA, a chartered accountant, or a legal opinion from an attorney. The CPA and Attorney should have a verified license with a valid phone number from a government source (CPA verifier and bar association). Sample letters that are sufficient for verification can be downloaded from here.

Step 7: Domain Verification

The CA must you actually own the domain(s) submitted with the order.

Recommended method:

Domain Validation – the CA will provide you with a CNAME record to add to your DNS settings to validate the SSL Certificate. Once you have created the DNS record, this will then be verified by the CA.

Alternative methods:

Email Validation – the CA will send an email to the WHOIS registrar email address for the domain asking you to verify that you did indeed register for an SSL Certificate. As an alternative, if the WHOIS registrar email address is unknown, this email can be sent to one of the 5 pre-approved email addresses (i.e. admin@, administrator@, webmaster@, hostmaster@, postmaster@). Once you respond to that email in the affirmative, the requirement is considered satisfied and the certificate is issued.

HTTP(S) Validation – the CA will provide you with a special file that you will need to upload to your hosted server to validate the SSL Certificate. This will then be verified by the CA via HTTP or HTTPS.

Step 8: Final Verification Call

The CA must speak with you or the specified applicant (site admin) using the verified business telephone number to confirm the order details.

Recommended method:

Verified Business Telephone Number – this is verified through a phone call to the contract signer.

Alternative methods:

If the verified telephone number is not the applicant’s direct line, the CA can enter an extension, follow an IVR to connect directly to you, or can either be transferred or obtain another telephone number from a colleague after initiating the call using the verified telephone number.

How do I install my SSL Certificate?

Once your SSL Certificate has been verified using one of the verification methods, the certificate authority Sectigo will send you an email to let you know that your SSL Certificate is ready to be installed. A copy of your certificate will be available for download in your 101domain account.

  1. Login to your account at https://my.101domain.com
  2. Click on the Websites, Email & Security tab
  3. Select your SSL Certificate 
  4. Click the Download Certificate button
  5. Take the SSL Certificate file you just downloaded back to your hosting provider or your system admin (most likely the same place you got your CSR) and install the certificate 
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.