Red Hat Linux 7.0: The Official Red Hat Linux Reference Guide | ||
---|---|---|
Prev | Chapter 11. Obtaining a Certificate for your Secure Server | Next |
When you request a signed certificate from a CA, you'll need to prove that your organization has the right to conduct business using your organization's name. CAs are very specific about their requirements for proving your identity, and you'll need to check with the CA of your choice to see what their requirements are.
In some cases, copies of the following documents will need to be mailed or faxed to the CA, and your certificate will not be issued until the documents have been received and verified by the CA.
The easiest way to prove to VeriSign that your organization has the right to do business is to provide your Dun & Bradstreet (D-U-N-S) number. If you don't have a D-U-N-S number, you can request one from the Dun & Bradstreet website at http://www.dnb.com/dunsno/whereduns.htm.
If you don't know whether you have a D-U-N-S number, you can find out if you have one from VeriSign at https://digitalid.verisign.com/dnb_query.htm.
If you don't have a D-U-N-S number and you don't want to get one, see http://www.verisign.com/server/enroll/globalpreparing.html#proof for the documentation you'll need to provide to VeriSign.
See http://www.thawte.com/certs/server/docs.html for a list of what Thawte requires to prove your organization's identity. At the time this document was written, you needed to provide the following:
Proof of organizational name
Proof of the right to a domain name
"Proof of Organizational Name" means that you have to prove your right to use your company's or organization's name. This proof may consist of a copy of your official company's registration documents or a copy of your certificate of incorporation in your state or country. A number of other documents can also be used to prove your organizational name; see http://www.thawte.com/certs/server/right_name.html for many more examples.
"Proof of the Right to a Domain Name" is unnecessary if your domain is registered exactly to the company name included in your certificate request (which you haven't created yet). In most cases, this will be the case. Run a whois on your domain to see your domain's registration information. See http://www.thawte.com/certs/server/right_domain.html for more information on how you might prove your right to a domain name, if your certificate request will not exactly match the information returned by a whois on your domain.
Once you've gathered the information you'll need to prove your organization's identity to a CA, you can go on to creating a key and certificate request.