Requirements and the certification process

The certification process

Verification of the domain, applicant and certificate details

The e-mail address presented in the order form must belong to the domain for which the SSL certificate will be issued. The e-mail address will be treated by the issuer as a contact address.

The person named in the application for the SSL certificate is the person responsible for contacting the issuer. He or she should be able to confirm validity of the data provided in the order form during the telephone verification by a Geotrust employee. It is advisable that this person is an employee of the company who applies for a certificate. He or she must be authorized to apply for a certificate and make decisions on behalf of the company.

The issuer verifies the information contained in the certificate application with the responsible person named in the application during a telephone conversation. The following information is confirmed:

the name of the company applying for the certificate and the right of the named person to act on behalf of the company

knowledge about the ownership of the company's domain which is to be protected and the rights to use it

the will to submit an application

recognition of the company issuing the certificate as a reliable certificate supplier (based on a contract with the issuer)

If the issuer is not able to verify any of the above, an additional, written opinion may be requested to clarify any doubts, e.g. a lawyer's or the company's chief accountant's.

Required documents

The most important aspect affecting the speed and ease of verification is the consistency of information provided in the request to sign the certificate (CSR) with the company's registration documents and domain subscriber data. The coherence of this data is crucial and ensures a prompt, successful certification process.

Documents required by the issuer:

1. Proof of ownership / registration of the domain for which the certificate is ordered. Such a document can be obtained from the institution that registered the domain such as NASK, TASK, IPP TAN, ACK Cyfronet, ICM. A VAT invoice is not proof of ownership of the domain.

2. Current document confirming the registration of a given company / institution under the given name:

  • - for legal persons - an extract from the National Court Register
  • - for individuals - confirmation of REGON number assignment, NIP number, REGON number or entry in the register

3. Data of the person holding the decision-making and technical position:

  • - Surname and name
  • - Position according to the western nomenclature (eg IT Director, Technical Director, Administrator)
  • - Telephone number in international format (e.g. +48 22 ...)
  • - E-mail adress

4. Complete company / institution data:

  • - Full name of the company / institution (worded in accordance with the registration documents, ie entry in the register, extract from the commercial register)
  • - Full address of the office (street, postal code, city, name of the province)
  • - The name of the country in which the company is registered,
  • - Telephone number in international format
  • - Fax number in international format

5. Certificate request file - CSR

6. Full name of the SSL server software for which the certificate is to be generated (eg Apache-ModSSL, Microsoft IIS 5.x)

Important: all data must be consistent, otherwise the certificate application may be rejected.

The above data and scans (PDF, JPG, PNG) of documents should be attached to the application for a certificate filled in through our portal. These documents will be forwarded to the issuer for certification.