What should I prepare before applying for an Entrust Server Certificate?
To ensure that Entrust can process your application for an SSL or WAP Server Certificate efficiently, please make sure that you have the following information:
An Authorization Contact
- You generate a Certificate Signing Request (CSR). You can find more information concerning Certificate Signing Requests in our CSR FAQ section.
- You own your domain name: Entrust will not be able to process your Server Certificate if the domain name is not registered to your company, parent company or subsidiary.
- A business telephone number that can be found using a third party search directory.
- Your contact information is accurate: During the application, you will need to provide three contacts:
who must be a senior member of your organization and have the authority to request certificates on behalf of your organization. This person is contacted when information is required for the Entrust Server Certificate.
A Technical Contact
who will receive the certificate when it is issued, and who is notified about certificate renewals and updates. The Technical Contact is usually the person responsible for the daily operation of the Web or WAP Server on which the certificates will be installed. If your server(s) are hosted by a third-party or ISP, someone within that organization should be listed as the Technical Contact.
A Billing Contact
who will receive all billing information regarding the purchase of your Entrust Certificate.
To better suit the needs of small organizations (25 employees or less), Entrust Certificate Services will allow the Technical and Authorizing Contact to be the same person. If your organization employs more than 25 people you will be required to provide separate points of contact or your application will fail the verification process.
What is the Entrust verification process for an Entrust Certificate?
To apply for an Entrust Server Certificate, you will need to provide the following information:
- Valid payment information (valid Entrust Purchase Order number, valid Credit Card Information or Promo Code)
- Authorizing Contact
- Technical Contact
- Billing Contact
- Certificate Signing Request (CSR)
Once your application has been submitted, the following information will be verified:
Online Consent Form
- Information about your organization (official registration, address, phone number, etc?)
- Right for your organization to use the domain name included in the CSR.
- Employment of the Technical Contact by the Authorization company
If the Technical Contact works for a subcontracting company (i.e., ISP) Entrust Certificate Services will forward a Consent Form to the Authorization Contact.
The Consent Form will also confirm that the Authorizing Contact has read and agreed to the terms of the CPS and Subscription Agreement.
How is this information verified?
In order to process your certificate, Entrust Certificate Services will verify:
Why does Entrust require a third party phone number source?
- Your company information against publicly accessible information.
- Domain ownership with Domain Registrar
- Employment of your Technical Contact through phone call to the Authorizing Contact.
When Entrust issues an SSL Certificate to any entity, that certificate leverages the trust of Entrust’s Root Certificate. This Root Certificate is embedded in the internet browsers that clients use to access websites over the internet. By issuing a certificate, Entrust is attesting to the client accessing the site the certificate is installed on that they can trust that the information they submit on that site is being securely transmitted to the legitimate business identified in the certificate. This attestation means that Entrust has performed due diligence in verifying that:
- the organization that the client is dealing with is a legitimate organization operating under the name identified in the organization name in the certificate
- that the organization verified is the registered owner of the domain
- that the individual who received the certificate was an authorized representative of the organization verified in step 1
In order to properly verify an organization as stated above, Entrust or its Verification Agent must be able to contact that organization by way of a valid third party phone source. This requirement ensures that Entrust is contacting the appropriate organization to obtain the necessary Proof of Right information. It also allows Entrust to confirm that the individual requesting the certificate is authorized to do so on behalf of the organization. These steps help protect your organization from the fraudulent use of its name in an SSL or WAP certificate.
What is a third party phone number source?
A third party phone source is a publicly available resource where the phone number registered to a business or individual may be listed. Some examples of third party sources would be Directory Assistance (555-1212 or 411), the phone book (white or yellow pages) or an online phone directory
Who can be a Technical Contact?
A Technical Contact will receive the certificate when it is issued, and is notified about certificate renewals and updates.The Technical Contact is usually the person responsible for the daily operation of the Web or WAP Server on which the certificate will be installed.If your server is hosted by a third-party or ISP, someone within that organization should be listed as the Technical Contact. Entrust will forward a Consent Form to the Authorization Contact. The Consent Form will confirm that the Technical Contact works for the Authorizing Organization and also that the Authorizing Contact has read and agreed to the terms of the CPS and Subscription Agreement.
Who can be an Authorization Contact?
An Authorization Contact must be a senior member of your organization and have the authority to request a certificate on behalf of your organization. This person receives a copy of the certificate when it is issued and is contacted if further information is required to process your request.
Why will my Authorization Contact be contacted?
Entrust or Dun and Bradstreet will call your Authorization Contact to verify the employment of your Technical Contact.
How do I proceed if I get an “Invalid CSR” message during the application?
Please refer to our CSRs FAQs section for all CSR related questions.
Why should I verify my Domain Name’s registration information before applying for an Entrust Server Certificate?
The certificate you receive from Entrust includes the common name of your Web server (for example, www.entrust.com). Entrust can only issue the certificate to you if your organization is the registered owner of the domain name that appears in the Web server’s certificate. For example, to receive a certificate for a server named www.entrust.com your organization must be the registered owner of the domain name entrust.com. To check the domain owerniship for you domain please visit http://www.checkdomain.com or other domain registries.
What if I am not able to contact the WHOIS database to perform my WHOIS lookup?
If you are unable to retrieve your WHOIS information, Entrust suggests that you try at a later time. If you are still unsuccessful, please contact our Support Team before applying for a Certificate.
What should I do if my company is not the registered owner of the domain?
If your company is not the registered owner of the domain (as verified through a WHOIS lookup), you must get the ownership information changed prior to submitting a certificate application. The information can be changed by your Domain Registrar.
What should I do if my domain registrant information is private?
Please contact your private registration provider or your domain provider to remove the private registration.
How can I check on the status of my application?
Entrust provides clients with an online form to check the status of applications. The form can be found at Customer Order Tracking page.. You will be required to enter your order number. Your order number was provided during the online application, and is referenced in the subject line of correspondence email sent to you regarding your application
How long does it take to get an Entrust Certificate?
From the time you submit your application, the processing time for an Entrust Certificate takes 3 to 5 business days for North America, and 5 to 10 business days for applications outside of North America.If the information you provided with your application is not adequate (i.e. your organization does not own the domain name you apply for), the processing time will take longer, or your application will be rejected.
How will I know if my application for an Entrust Server Certificate has been accepted or rejected?
You will be notified by Entrust when the verification process is completed.If your application has been accepted, you can pick up your Entrust Server Certificate by connecting to the URL found in your email notification (sent to the Technical and Authorization Contacts).
What can I do if my application has been rejected?
If your Entrust Certificate application is rejected, you can work with the Entrust Certificates Services Support Team to determine the best way to submit a new application.The main reasons that can lead an application to fail are:
What is a Dun and Bradstreet D-U-N-S Number?
- The domain name in the CSR is not registered to the authorizing organization.
- The address in the certificate application is not a valid address for your business.
- CSR is incorrectly formatted.
- Your company does not have a phone number publicly registered at the address in your application.
- The Authorization Contact does not confirm the employment of the Technical Contact.
The Dun and Bradstreet D-U-N-S Number is a non-indicative number assigned by Dun and Bradstreet to identify unique business entities, access D&B products and link related entities and data.
Will my order be processed if I do not have a D-U-N-S number?
You do not need to have a Dun and Bradstreet D-U-N-S number to apply for an Entrust SSL Certificate. If your organization does have a D-U-N-S number, it can help to expedite verification of your organization and therefore your order.
How can I retrieve my Entrust SSL Certificate?
Your Entrust SSL Certificate is provided to the order technical contact in an email when your order is completed. You can also utilize the Customer Order Tracking page by entering your order number and in the Certificate section of the page select the “Click here to retrieve your certificate” link.
How do I contact Entrust for additional assistance?
If you have additional questions or require further information, please contact Entrust Certificate Services Support by calling 866-267-9297 (1-613-270-2680 outside of North America), Monday through Friday 9:00 AM to 5:00 PM Eastern Time or emailing us at email@example.com