If your SSL certificate application fails review, use this article to identify the cause, fix it, and resubmit the certificate application.
If your application is still under review after a long time — rather than showing a failure status — see Why is my certificate application still under review after a long time?.
The domain name contains sensitive words
Replace or delete sensitive words, such as live, bank, banc, fund, wallet, pay, lv, nuclear, pw, asia, ban.c, alpha, test, example, credit, apple, ebay, trust, root, amazon, android, visa, google, discover, financial, wordpress, pal, hp, lv, free, and SCP, from your domain name. Then, resubmit the certificate application.
If the review still fails after multiple attempts, you can select another commercial certificate or change the primary domain name.
Domain name validation not completed or failed
Complete domain name ownership validation promptly after you submit your application. The certificate authority (CA) cannot issue your certificate until validation succeeds.
Company phone number is missing or incorrect
Organization Validated (OV) and Extended Validation (EV) certificates require a valid company phone number that the CA can use to contact you. Verify that the number is correct and reachable before resubmitting.
Company information verification failed
For OV and EV certificates, the CA verifies your company information through public channels. If verification fails, update your company information on a public platform so the CA can find a match.
Company information is inconsistent with domain name authentication records
The company information in your certificate application must match the authenticated company information on file with your domain name provider.
To correct this:
Confirm the authenticated company information with your domain name provider.
Log in to the Certificate Management Service console.
In the left navigation pane, choose Comprehensive Management > Company Profile Management.
Update your company information to match. For details, see Manage company information.
Resubmit the certificate application to the CA.
CSR is already associated with another order
Each SSL certificate must have a unique key pair. A Certificate Signing Request (CSR) file cannot be reused across orders. Generate a new CSR file for the new application.
To avoid this issue, use the system-generated CSR option in the Certificate Management Service console. After the certificate is issued, you can download it in multiple formats.
Domain name format is invalid
Domain names bound to a certificate can contain only letters, digits, and hyphens (-), and must be no longer than 64 characters. Check the domain name in both the CSR file and the order to confirm it meets these requirements.
Common Name field in the CSR is incorrect
The Common Name field in your CSR must be the primary domain name bound to the certificate. Create a new CSR with the correct Common Name and upload it, then resubmit the certificate application.