This document is a guide to obtaining SSL Certificates products that require validation against an organization. The term Organization is used to represent companies, government agencies, non-profit organizations and other organizations that can be proven by having legal documents. Acceptable documents from both government agencies and legitimate legal entities.

Proses verifikasi SSL dengan Organization Validation (OV)

Organization Validation (OV) is a verification process required by the Certificate Authority to ensure that the identity and information of those ordering SSL Certificates is appropriate and correct. There are 4 steps required by the Certificate Authority to obtain SSL Certificates that have the type of validation with Organization Validation (OV).

1. Organization Authentication

a. Ensure that your organization is registered with a government agency. The Certificate Authority will ask you to submit legal documents that apply to your organization such as:

• Company: Deed of Company Establishment, SIUP, Company Registration Certificate.
• Government Institutions: Ministerial decrees, official decrees.

IMPORTAT: Make sure the name of the organization you register matches that on your legal document or organization permit. This is done to avoid the possibility of the Certificate requiring additional verification which could slow down the verification process for your organization.

b. Name The organization must use a name that corresponds to the name listed on the legal documents of the company or organizational institution.

c. Trademarks, Product Names and names such as “Collaboration partners” will not be accepted by the Certificate Authority.

2. Domain Authentication

a. For information and addresses listed on the whois register domain, please use the name that matches the name on your organization’s legal documents.
b. If the above is possible, one of the following could be an alternative:

• Confirm domain ownership email (Domain Rights Confirmation email), the Certificate Authority will send an email confirming domain ownership to the email contained in whois.
• Company Certificate (Professional Opinion Letter), complete and send the Professional Opinion Letter document which has been completed and signed by the Legal department (Lawyer, Notary) and the public accountant.
• Short demo (Practical Demonstration), the Certificate Authority will contact the organization’s contact information and ask customers to post a code provided by the Certificate Authority on your website page. Once the Certificate Authority can see the code on your website, then the validation process for your domain has been approved.

3. Address and Telephone Authentication

a. For Certificates originating from Symantec and Thawte will only confirm the City and State/Province information from where the Organization is located
b. For Certificates originating from GeoTrust, the information submitted in the Administrative Details must exactly match the Organization’s address.

c. The telephone number used by the Certificate Authority when making a telephone call does not have to be exactly the same as the telephone number according to the address as long as it is still a domestic number. The Certificate Authority will first look for a telephone number that matches your address. If you wish that the Certificate Authority can contact you at an office number in a different location, please notify the Certificate Authority about this or through us.

d. After the Authority searches for information on the address or telephone number and does not find it, below are alternatives that can be used to fulfill the address verification process, such as:

• Create/register a listing of your organization’s address and telephone number in an information database such as Yellow Pages Indonesia or similar DUNS and Bradstreet as well as on websites such as Ahu.go.id, and kemenkumham.go.id.
• Your organization’s payment invoices or billing such as telephone billing, Internet, or bank statements, etc. from the last 3 months which can also show the name of the organization, address and telephone number of your organization.
• Company Certificate (Professional Opinion Letter), complete and send the Professional Opinion Letter document which has been completed and signed by the legal department (Lawyer, Notary) and the public accountant.

4. Verification Call

a. The purpose of this call is as a final confirmation of your Certificate ordering process and to ensure that the information contained in the organization contact has received permission from officials in your organization. This is a condition for issuing a Certificate and has been approved if you include your name as Contact Details such as Technical Contact and also consent for it to be issued in the name of your organization.

b. The Certificate Authority will also make a telephone call to the Certificate orderer at the confirmed telephone number listed above. Note: After the Certificate Authority has confirmed the telephone number listed, and there is a difference in the telephone number for contacting the contact information on the Certificate, the Certificate Authority will contact the second number.

c. The Certificate Authority will call customers 2 (two) times during business hours. If the Certificate Authority is still unable to speak with the customer, the Authority will send an email to the customer to ask for information on the customer’s willingness to receive calls from the Certificate Authority.

• The Certificate Authority will not make telephone calls outside of working hours unless it is a direct request from the customer himself.
• When you request verification via telephone, please ensure that you are at the office according to the location of the registered telephone number.

Further questions?

If you have further questions regarding the need for the verification process, please click Here.