Certum Premium EV SSL Multi-Domain is an advanced SSL certificate with Extended Validation (EV), designed for comprehensive protection of data transmission in environments that require the highest level of trust and scalability. The certificate supports up to 300 domains and subdomains within a single installation, utilizing Subject Alternative Name (SAN) technology, which allows for the flexible addition or modification of secured names during the validity period. The issuance process includes a rigorous legal and organizational verification of the entity, including confirmation of registration in legal registers, physical location, and the credentials of the persons representing the organization, in accordance with CA/Browser Forum requirements.

The implemented cryptographic mechanisms are based on SHA-256 algorithms with an RSA key up to 4096 bits or ECC up to 384 bits (X.509 v3 standard), ensuring data integrity and confidentiality through TLS 1.2/1.3 protocols. The certificate embeds verified company data (including the legal name, registered address, and identification number), which are visible in the certification details for end users, as well as a dynamic security seal that can be placed on the website. The seal contains current information about the certificate status, company data (e.g., name, address) and is verified in real time, thereby enhancing transparency and user trust.

Certum Premium EV SSL Multi-Domain offers a financial guarantee of up to €1,000,000, in compliance with regulatory requirements (eIDAS, GDPR, PCI DSS), and supports OCSP Stapling to minimize delays in revocation status verification.

Do you want to secure only 1 domain? Check out the standard version Certum Premium EV SSL for 1 domain.

• Extended Validation (EV): A rigorous process verifying the legal and operational identity of an organization in accordance with CA/Browser Forum standards, including verification of registers (KRS, CEIDG), physical location, and the authorizations of its representatives.
• Support for up to 300 domains and subdomains: Subject Alternative Name (SAN) technology that enables the dynamic addition, modification, and management of secured names during the certificate’s validity period.
• Advanced cryptographic mechanisms: Support for RSA keys (up to 4096 bits) and ECC (up to 384 bits) with the SHA-256 algorithm and TLS 1.2/1.3 protocols, ensuring the confidentiality, integrity, and authentication of transmissions.
• Dynamic security seal: An interactive widget displaying the current certificate status along with verified company data.
• Verified organization data in the certificate: Automatic display of legal information (including name, registered address, identifier) in the certificate details within web browsers.
• Financial guarantee up to €1,000,000: Financial protection in case of security breaches, compliant with the requirements of eIDAS, GDPR, and PCI DSS.
• OCSP Stapling: Optimization of the certificate revocation status verification process, minimizing delays and reducing infrastructure load.
• Compatibility with the IT ecosystem: Full support for web browsers, mobile systems, IoT, enterprise applications, and cloud environments.
• Automatic data update: The dynamic security seal reflects the current certificate status and company data in real time, increasing transparency.

Dynamic security seal for Certum Premium EV SSL Multi-Domain is an interactive graphic element embedded on a website that displays the current certificate status and verified organization data (legal name, registered address) in real time. The seal uses cryptographic mechanisms to automatically verify the certificate’s validity and the connection’s integrity, presenting information in a format that complies with CA/Browser Forum requirements. Its content is generated dynamically based on the data contained in the EV certificate. The seal is compatible with all major browsers (Chrome, Firefox, Safari, Edge) and mobile devices, ensuring a consistent presentation across platforms. It integrates with TLS 1.2/1.3 protocols and supports OCSP Stapling, reducing verification delays. It operates on the basis of public key infrastructure (RSA 4096-bit, ECC 384-bit) and the X.509 v3 standard, meeting regulatory (eIDAS, GDPR) and industry (PCI DSS) requirements.

Validation procedure for Certum Premium EV SSL Multi-Domain includes a multi-step process for legal and organizational verification of the entity, in accordance with the requirements of the Extended Validation (EV) standard and the guidelines of the CA/Browser Forum. At the initialization stage, confirmation of the organization’s legal existence is required by checking entries in official legal registers and verifying the physical location of its headquarters. Next, the authority of the persons representing the organization to apply for the certificate is verified, including the authorization of power of attorney or registration documents. For the validation of domains and subdomains, it is necessary to confirm the right to use them through methods such as DNS CNAME/TXT, email verification to administrator addresses, or file-based (HTTP/HTTPS) verification. All names submitted under SAN (Subject Alternative Name) are individually verified according to EV rules, which includes, among others, checking compliance with the naming policy and association with the organization. The process also includes re-verification of key data when renewing the certificate. All procedures are documented and audited in accordance with the WebTrust standard, and the certification infrastructure is based on HSM modules (FIPS 140-2 Level 3). The result of a successful validation is the issuance of a certificate with embedded organization data (name, address) visible to end users in the connection details. Whole verification procedure has been described in our Knowledgebase: Validation and verification for Certum Premium EV SSL certificate.

Certum Premium EV SSL Multi-Domain utilizes Subject Alternative Name (SAN) technology to secure up to 300 different domains and subdomains under a single certificate, eliminating the need to deploy separate certificates for each name. The SAN mechanism allows for dynamic addition, removal, or modification of secured domains during the certificate’s validity period, without the necessity of reissuance. Each domain or subdomain is included in the X.509 v3 extension as an alternative subject, ensuring full Extended Validation (EV) for all names – including legal verification of the organization and compliance with TLS 1.2/1.3 protocols. The SAN functionality integrates with advanced cryptographic mechanisms (RSA up to 4096 bits, ECC up to 384 bits, SHA-256), guaranteeing end-to-end encryption for all supported domains. Management of the SAN list is carried out via dedicated administrative tools, enabling centralized control over configuration and auditing. This technology complies with the requirements of the CA/Browser Forum as well as with eIDAS and PCI DSS regulations, providing scalability for extensive infrastructures such as CDN servers, SaaS platforms, or multi-domain environments. Each domain in the SAN possesses the same credibility attributes (including verified company data in the certificate) as the main certificate, and the integrity of the SAN list is protected by the certification authority’s digital signature.

Certum Premium EV SSL Multi-Domain ensures full compatibility with a wide range of web browsers (including Chrome, Firefox, Safari, Edge, Opera) and mobile systems (iOS, Android), as well as IoT devices and enterprise solutions. It operates seamlessly in environments using TLS 1.2/1.3 protocols, guaranteeing proper validation of the certification chain by all major browsers and operating systems (Windows, macOS, Linux). The implemented organization data (name, headquarters) are visible in the certificate details on any device, which reinforces credibility. The certificate supports the latest cryptographic standards (RSA 4096-bit, ECC 384-bit, SHA-256) and OCSP Stapling mechanisms, ensuring compliance with CA/Browser Forum requirements and regulations (eIDAS, GDPR, PCI DSS). Integration with the dynamic security seal enables the presentation of up-to-date information about the certificate and the company on all platforms, regardless of the type of device or client application. Please check the full list of supported devices and browsers.

Technical support for Certum Premium EV SSL Multi-Domain is characterized by a comprehensive and individualized approach to each client, providing expert assistance at every stage of certificate usage. A dedicated team of experts is available both by telephone and through online platforms, enabling rapid diagnostics and resolution of any issues related to configuration, installation, or maintenance of the certificate. Clients can rely on detailed advice regarding the optimization of security settings and compliance with the latest standards, which translates into seamless implementation and continuous updates of the certificate. The support also includes assistance with the implementation of advanced cryptographic mechanisms and the integration of the certificate into existing IT infrastructure, thereby ensuring the stability and continuity of online services. Thanks to the use of state-of-the-art diagnostic tools and escalation procedures, the technical team effectively minimizes downtime and provides a high level of security, which forms the foundation for building user trust and complying with international data protection standards.