SSLmentor

Quality TLS/SSL certificates for websites and internet projects.

Client Login
CAA record

CAA record

Manual Review (Security Review)

Certification authorities have different security mechanisms that evaluate SSL certificate orders. They either have their own databases containing thousands of words, names or they also use different databases and compare them with the domain name. If the authority system evaluates the application as a security risk, the order is included in the process of manual approval by the validation team, the so-called Security Review. It usually takes 24 to 48 hours for an order to be reviewed, issued, or rejected.

The most common reasons for order suspension

Security Review mainly concerns cheap domain SSL certificates, which are issued automatically. Company and EV certificates have security checks included in the validation process.

  • The domain name includes the famous brand name, such as facebook-app.com, sony-shop.net, dell-shop.com.
  • The domain name matches a well-known trademark. For example, the domain is "slibmana.com" and the security system evaluates the name to "slIBmana" and the "IBM" tag.
  • The domain name contains "stop words", such as "pay, bank, online, secure, booking, buy, bank, money, payment, violence, terrorists, and more."
  • The domain name is blacklisted in a security database or has a bad reputation.
  • Some countries may be reviewed manually, such as North Korea, Sudan, Afghanistan, Iran, Iraq, etc.

How to find out if an order is under manual review?

It does not take more than 10 minutes to issue a domain SSL certificate after confirming the validation email. If you confirm the validation e-mail and the certificate is not issued within the hour, it is very likely that the application has been included for manual review.

Very often, the order is "blocked" due to the setting of CAA records. If it takes a long time to issue an SSL certificate after confirming the validation email, check first the CAA records. Someone may have set them up on your domain.

What to do in case of manual review??

  • Make sure your website is online and functional. For non-functional or blank pages, the issuance of the SSL certificate will be refused.
  • Wait for the manual check to complete, which can take up to 48 hours to evaluate.
  • If the validation team is contacted on the certification authority's live chat, it is possible to speed up the issue and discuss the details of the application. The link to the live chat is on the authorities' website. You need to prepare an order ID number.

Where next?

Back to Help
Found an error or don't understand something? Write us!

CA Sectigo
CA RapidSSL
CA Thawte
CA GeoTrust
CA DigiCert
CA Certum