WonderProxy Blog

March 30, 2011

Obtaining an Extended Verification SSL Certificate

Filed under: Uncategorized — Paul Reinheimer @ 4:41 pm

We decided to obtain an Extended Verification SSL certificate for WonderProxy and start running our website entirely through it (no standard http:// pages, just https:// for everything). Despite lots of regular SSL experience the process was rather foreign to us. We decided to obtain the certificate through GoDaddy for cost reasons.

Steps

  1. Register with GoDaddy and purchase an EV certificate token
  2. Flip over to their Certificate system, use the token to initiate a request
  3. Do the fun bits with OpenSSL to generate a Certificate Signing Request
  4. Hand that data off to GoDaddy

    Now this is the part where I thought the extra fees I was paying for the certificate would come into play, and GoDaddy’s team would leap into action researching my request, not so much. In fact what occurs is that your own highly paid lawyers or accountants leap into action, and bill you by the minute.

  5. Receive instructions from GoDaddy detailing the steps your Lawyer or Registered Accountant needs to follow. You need either a legal or accounting(?) opinion about the validity of your company and registration. The opinion letter has eight key elements:
    1. Your corporation is a valid, active, legal entity.
    2. You conduct business under this corporate name, and it is duly registered with the appropriate government agency
    3. The person signing & submitting the request is authorized to do so on behalf of the company
    4. The person approving the request is also authorized to do so (these were both me, it’s a small company)
    5. The company has a physical place of business and that address
    6. The company has a phone number and that phone number
    7. The company has an active bank account
    8. The company owns the domain in question

    Number 7 there caused us a few issues. Due to the official Quebec registrar being closed we hadn’t obtained a Quebec registration. We were registered federally, and had a provincial tax number, just not an official enterprise number. Without this enterprise number we were unable to obtain a bank account (or verify our PayPal account), so several things were delayed all for the want of a number.

  6. Submit opinion letter to GoDaddy
  7. Fill out a few forms from GoDaddy confirming the request, including the signer and approver, file with GoDaddy
  8. GoDaddy phones the lawyer who issued the opinion letter (using the phone number in some sort of lawyer registry (in the US this would be the Bar) to confirm the information and that they in fact issued the opinion letter
  9. GoDaddy phones the signer and possibly the approver (I was both people, so there was only one phone call) to confirm the details on their forms
  10. An internal GoDaddy “Audit” department reviews the data (this isn’t the person you deal with while completing the steps
  11. Certificate Issued

Total cost was probably ~$400 in professional services and GoDaddy fees. Our goal, clearly, is to have this cost outweighed by the level of trust and security the average user has for an EV certificate. Now that we’re offering dedicated VPN plans, protecting our users privacy from start to finish is even more important.

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: