SSL OV/BV Verification Process

The validation process of the OV / BV certificate comprises three phases:

  1. domain ownership control,
  2. organization verification,
  3. a callback process.

The process takes about 2-5 working days in case all the documents are correct and delivered on time.

First step – Validate the organization

To pass Business / Organization validation, it may be necessary to provide some official registration documents to the certification center. Mostly they require a Business License / Incorporation / Registration Application. You can send them by post, fax or e-mail in PDF / JPG format. We strongly suggest using the email method.

Option A (most popular)
No paperwork. The legal existence of the company has been verified through the public government database using the company name or unique identification number (registration number) OR through verified third party public databases such as GLEIF, Duns & Bradstreet, Hoovers, Companies House GOV.UK, Lursoft .lv and others.

Option B (suggested)
Verifying the company with the LEI code only takes minutes / hour, not days and weeks. We strongly suggest using this method.

Option C
The company can be verified using one of the documents such as the Articles of Association, the commercial license issued by the government, the copy of a recent bank statement of the company, the copy of a recent telephone bill of the company, the copy of a recent utility bill. main users of the company (eg electricity bill, water bill, etc.).

Second step – DCV process

DCV (Domain Control Validation) is the verification of the ownership and control of domain names. It is possible to validate the domain through various methods such as validation via email, DNS CNAME and Hash file HTTP / HTTPS.

via email (most popular)
DCV via email is the most traditional method of passing ownership verification. The certification center will send an email to the administrative contact of your domain. The email contains a unique validation code and a link to a certification website to enter the code.

It is possible to use “magic five” e-mail addresses: admin @, administrator @, hostmaster @, webmaster @ and postmaster @. In some cases, WHOIS administrative e-mail can be used; private registration must be disabled.

To validate the domain via DNS CNAME record, you must use the hashes that we extract from the CSR code you send. It takes from 10 minutes and up to 24 hours to validate the domain; it depends on your TTL DNS server.

via Hash HTTP / HTTPS file
Quick and easy method to pass the validation of the domain as it requires you to upload a text file (.txt) with hashes extracted from your CSR code. The file must be accessible from the web. Use the HTTPS method when SSL is already in use and the website is available through HTTPS: //

Third step – Recall process

The last step is a recall process. For OV / BV certificates, SSL providers use an automatic callback process. The Comodo robot calls you on the verified number and tells you a verification code. To validate the official phone number, you can use any of the options:

Option A
The certification center verifies the phone number via public yellow pages Databases such as, please contact our sales / support managers for a more accurate list of databases and options for your regions.

Option B
Verification of numbers via trusted / governmental databases such as Duns & Bradstreet, Hoover OR your local government database if it includes company telephone numbers.

Option C
Verified legal opinion or accountant’s letter signed by a notary. The certification center can verify the notary legality.