CA/Browser Forum
Home » Working Groups » Server Cert WG » Extended Validation » The EV SSL Certificate and its Contents

The EV SSL Certificate and its Contents

Extended Validation (EV) SSL Certificates will contain the following required fields:

Organization name – This field must contain the Subject’s (i.e., certificate holding entity’s) full legal organization name as listed in the official records of the Incorporating Agency in the Subject’s Jurisdiction of Incorporation. In addition, an assumed name or d/b/a (doing business as) name used by the Subject may be included at the beginning of this field, provided that it is followed by the full legal organization name in parenthesis. If the combination of the full legal organization name and the assumed or d/b/a name exceeds 64 bytes as defined by RFC 3280, the CA should use only the full legal organization name in the certificate.

Domain name – This field must contain one or more host domain name(s) owned or controlled by the Subject and to be associated with Subject’s publicly accessible server. Such server may be owned and operated by the Subject or another entity (e.g., a hosting service). Wildcard certificates are not allowed for EV SSL Certificates.

Jurisdiction of Incorporation – These fields must contain information only to the level of the Incorporating Agency – e.g., the Jurisdiction of Incorporation for an Incorporating Agency at the country level would include country information but would not include state or province or city or town information; the Jurisdiction of Incorporation for an Incorporating Agency at the state or province level would include both country and state or province information, but would not include city or town information; and so forth. Country information must be specified using the applicable ISO country code. State or province information, and city or town information (where applicable) for the Subject’s Jurisdiction of Incorporation must be specified using the full name of the applicable jurisdiction.

Registration Number – This field must contain the unique Registration Number assigned to the Subject by the Incorporating Agency in its Jurisdiction of Incorporation (for Private Organization Subjects only).

Address of Place of Business – This field must contain the address of the physical location of the Subject’s Place of Business. City, state and country information is required. Street number and ZIP/postal are optional.

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).