Frequently Asked Questions

Entrust EV Multi-Domain SSL Certificate

Revocation Information & Reporting Policy

Under what conditions will my Entrust EV Multi-Domain SSL Certificate be revoked?

Entrust MUST revoke an Entrust EV Multi-Domain SSL Certificate it has issued upon the occurrence of any of the following events:

  • The Subscriber requests revocation of its Entrust EV Multi-Domain SSL Certificate.
  • The Subscriber indicates that the original Entrust EV Multi-Domain SSL Certificate Request was not authorized and does not retroactively grant authorization.
  • Entrust obtains reasonable evidence that the Subscriber’s Private Key (corresponding to the Public Key in the Entrust EV Multi-Domain SSL Certificate) has been compromised, or that the Entrust EV Multi-Domain SSL Certificate has otherwise been misused.
  • Entrust receives notice or otherwise become aware that a Subscriber violates any of its material obligations under the Subscriber Agreement.
  • Entrust receives notice or otherwise become aware that a court or arbitrator has revoked a Subscriber’s right to use the domain name listed in the Entrust EV Multi-Domain SSL Certificate, or that the Subscriber has failed to renew it domain name.
  • Entrust receives notice or otherwise become aware of a material change in the information contained in the Entrust EV Multi-Domain SSL Certificate.
  • A determination, in the CA’s sole discretion, that the Entrust EV Multi-Domain SSL Certificate was not issued in accordance with the terms and conditions of these Guidelines or the CA’s EV Policies.
  • If Entrust determines that any of the information appearing in the Entrust EV Multi-Domain SSL Certificate is not accurate.
  • Entrust ceases operations for any reason and has not arranged for another EV CA to provide revocation support for the EV Certificate.
  • Entrust’s right to issue Entrust EV Multi-Domain SSL Certificate under these Guidelines expires or is revoked or terminated [unless the CA makes arrangements to continue maintaining the CRL/OCSP Repository].
  • Entrust’s Private Key for that Entrust EV Multi-Domain SSL Certificate has been compromised.
  • Entrust receives notice or otherwise become aware that a Subscriber has been added as a denied party or prohibited person to a blacklist, or is operating from a prohibited destination under the laws of the CA’s jurisdiction of operation.

What is Entrust’s EV Certificate Problem Reporting and Response Capability?

Reporting
If you wish to revoke your Entrust EV Multi-Domain SSL Certificate for any of the above reasons, you may contact Entrust by filling in our online complaint form.

In addition to Entrust EV Multi-Domain SSL Certificate revocation, Subscribers, Relying Parties, Application Software Vendors, and other third parties can contact Entrust by filling in our online complaint form for reporting complaints or suspected Private Key compromise, EV Certificate misuse, or other types of fraud, compromise, misuse, or inappropriate conduct related to EV Certificates.

Investigation
Entrust will begin investigation of all Certificate Problem Reports within twenty-four (24) hours and decide whether revocation or other appropriate action is warranted based on at least the following criteria:

  1. The nature of the alleged problem;
  2. Number of Certificate Problem Reports received about a particular EV Certificate or website;
  3. The identity of the complainants (for example, complaints from a law enforcement official that a web site is engaged in illegal activities have more weight than a complaint from a consumer alleging they never received the goods they ordered); and
  4. Relevant legislation in force.

Response
Entrust will maintain a continuous 24/7 ability to internally respond to any high priority Certificate Problem Report, and where appropriate, forward such complaints to law enforcement and/or revoke an Entrust EV Multi-Domain SSL Certificate that is the subject of such a complaint.