OV Organization Validation Certificate

The balance between thorough validation and speed of obtaining.

Organization Validation (OV) certificates represent an intermediate level between DV (Domain Validation) and EV (Extended Validation) certificates. They verify not only domain ownership but also the legal existence of the requesting organization.

Unlike DV certificates that only validate the domain, OV certificates include your organization's name in the certificate. This allows your visitors to verify your company's identity by checking the certificate details.

MoniTao monitors your OV certificates and alerts you before they expire to maintain user trust without interruption.

What is an OV Certificate?

Characteristics of Organization Validation certificates:

  • Organization validation: the certificate authority verifies your company's legal existence via official registries.
  • Name in certificate: your organization's name appears in the "Organization" (O) field of the certificate.
  • Moderate timeframe: validation generally takes 1 to 3 business days, faster than EV but longer than DV.
  • Mid-range price: between $50 and $200 per year depending on the certificate authority and options.

Comparison DV vs OV vs EV

OV certificate positioning:

  • vs DV: OV validates the organization in addition to the domain. The company name appears in the certificate, which is not the case for DV.
  • vs EV: OV is faster and cheaper than EV, but validation is less thorough (no physical address verification).
  • Same encryption: all three types offer the same level of encryption. The difference is only in the validation level.
  • Browser display: visually, DV and OV appear the same in the browser. You need to click the padlock to see details.

OV Validation Process

The steps to obtain an OV certificate:

  1. Domain validation: like DV, you must prove you control the domain (email, DNS, or HTTP).
  2. Organization verification: the CA verifies your company's existence via official registries (business registration, DUNS, etc.).
  3. Phone verification: some CAs make a phone call to confirm the request.
  4. Certificate issuance: after complete validation, the certificate is issued with your organization's information.

Verify an OV Certificate

How to identify an OV certificate:

# Display certificate details
openssl s_client -connect example.com:443 2>/dev/null | openssl x509 -text -noout

# An OV certificate will have the Organization (O) field filled:
# Subject: C=US, O=My Company LLC, CN=www.example.com

# A DV certificate will only have the CN:
# Subject: CN=www.example.com

# Quick check
echo | openssl s_client -connect example.com:443 2>/dev/null | openssl x509 -noout -subject

The presence of the Organization (O) field in the certificate subject indicates an OV or EV certificate. A DV only has the Common Name (CN).

Best Practices

Tips for OV certificates:

  • Documents up to date: keep your business registration and legal documents current to facilitate validation and renewals.
  • Anticipate renewal: start the process 2-3 weeks before expiration because validation takes longer than DV.
  • Information consistency: information in the CSR must exactly match your legal documents.
  • Monitor with MoniTao: set up alerts to be notified 30 days before expiration and have time to renew.

OV Certificate Checklist

  • Organization legally registered
  • Legal documents up to date
  • Domain validation successful
  • Organization validation confirmed
  • Certificate correctly installed
  • Expiration monitoring configured

Frequently Asked Questions

Who should use an OV certificate?

Businesses that want to display their verified identity in the certificate without going through the longer and more expensive EV process.

Does OV improve SEO?

No, Google makes no distinction between certificate types for ranking. Only having HTTPS matters.

How long does OV validation take?

Generally 1 to 3 business days if your documents are in order.

Can I have an OV wildcard certificate?

Yes, unlike EV certificates, OV certificates can be wildcard (*.mydomain.com).

Does Let's Encrypt offer OV certificates?

No, Let's Encrypt only offers DV certificates. For OV, you must go through a commercial CA.

How can visitors see it's an OV?

By clicking the browser padlock then "Certificate," they can see the organization name in the details.

The Right Compromise for Businesses

OV certificates offer a good balance between the simplicity of DV and the rigor of EV. They are perfect for businesses that want to prove their identity without the cost and delay of EV certificates.

With MoniTao, monitor your OV certificates and maintain user trust with proactive alerts before expiration.

Useful Links

Ready to Sleep Soundly?

Start free, no credit card required.

Create My Account See pricing