Important update 1: Email Support is being transitioned to Webforms. Click here for more information.
Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            SSL Certificate Requirement Updates

            OpenSRS updated the contact and field requirements for DigiCert, GeoTrust, Thawte, and RapidSSL certificates on October 13, 2020. This article explains what changed for each certificate type and what data the API stores and returns. Wherever possible, the API changes are backward compatible, so most existing integrations continue to work without modification.

            Warning: This article describes a historical change from October 13, 2020. Confirm current contact requirements against the OpenSRS API reference before relying on these details.

            How contact data is handled

            If you submit more contact details than a certificate type requires, OpenSRS processes and retains only the contacts and fields needed for registration. Extra contacts you provide are not saved and are not returned in the query order response.

            Note: For OV and EV certificates, the organization contact requires first name, last name, and email. If any of these fields are missing, OpenSRS copies them from the admin contact.

            Contact requirements by certificate type

            Certificate type

            Previous contact requirements

            Updated contact requirements

            What is saved and returned

            Domain Validation (DV)

            Three contacts: admin, billing, tech. Some products (for example, SSL123) also required an organization contact.

            Only the admin contact is required.

            Only the admin contact is saved and returned in the query order response. Additional contacts are not saved.

            Organization Validation (OV)

            Four contacts: organization, admin, billing, tech.

            Only the organization contact is required, and it must include first name, last name, and email.

            Only the organization contact is saved and returned in the query order response.

            Extended Validation (EV)

            Four contacts: organization, admin, billing, tech.

            Two contacts are required: organization and signer.

            Only the organization and signer contacts are saved and returned in the query order response.

            Code Signing

            Four contacts: organization, admin, billing, tech.

            Only the organization contact is required, and it must include first name, last name, and email.

            Only the organization contact is saved and returned in the query order response.

            Next steps

            • Audit your SSL ordering integration — confirm your code submits the required contacts and fields for each certificate type so orders are not rejected or delayed.
            • Review the validation methods — see to understand which validation applies to each certificate type.
            • Plan for the 2026 lifecycle changes — see for updates to validity periods and validation reuse.

            Questions? Contact OpenSRS Support.

            How helpful was this article?

            Thanks for your feedback!

            Do you still need help? If so please submit a request here.