Yes! We've done .onion certs before, including the various changes to wildcard rules, certificate duration, domain validation processes and other elements necessary to do EV for .onions.
Our system automatically ignores whois (which doesn't exist for .onion) and moves to proof of control via file upload - you'll get instructions as soon as we receive your order.
Pick a 1-year certificate duration in the UI. Certs for .onion domains must be for a single year, which is the max for .onion certs. We're going to start enforcing this in our UI in the next update.
Wildcards are normally banned for EV certs, so our UI doesn't allow them, but wildcards /are/ allowed for .onion domains. If you would like a wildcard EV for your .onion domain, just enter the plain domain without the star and let me know you want a wildcard by email.
Email us the onion RSA public key. Tor uses a SHA-1 hash, and SHA-1 is now considered weak, so part of the validation rules is to include a SHA2-256 hash of the hidden service's key in the .onion certificate itself. I.e., we want to ensure the hidden service we are connecting to is indeed the one they are intending to validate.
If you'd like to see one of our existing customers' Tor certs, check out https://privacyintyqcroe.onion
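
A pre-submission check for the key-hash step above, as an added example that is not the CA's own code: it derives the 16-character onion name from the RSA public key (base32 of the first 80 bits of SHA-1) and computes the SHA-256 digest you would expect to find in the issued certificate. It assumes the CA hashes the same DER-encoded RSA public key that Tor hashes; the sample key is constructed for illustration and is not a usable RSA key.

```python
import base64
import hashlib

def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armor lines and decode the base64 body to DER."""
    body = [ln for ln in pem.strip().splitlines() if not ln.startswith("-----")]
    return base64.b64decode("".join(body))

def onion_v2_address(der: bytes) -> str:
    """16-char onion name: base32 of the first 10 bytes of SHA-1 over the key."""
    return base64.b32encode(hashlib.sha1(der).digest()[:10]).decode().lower() + ".onion"

def key_sha256(der: bytes) -> str:
    """SHA-256 over the same DER bytes (assumed to be what the cert carries)."""
    return hashlib.sha256(der).hexdigest()

def check_order(pem: str, ordered_name: str) -> dict:
    """Confirm the emailed key belongs to the .onion name placed in the order."""
    der = pem_to_der(pem)
    derived = onion_v2_address(der)
    # A subdomain or wildcard order still resolves to the base <hash>.onion name.
    base = ".".join(ordered_name.lower().rstrip(".").split(".")[-2:])
    return {"derived": derived, "matches": derived == base, "sha256": key_sha256(der)}

# --- constructed sample input below: NOT a real key ---
def _tlv(tag: int, body: bytes) -> bytes:
    n = len(body)
    size = (n.bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + length + body

def _der_int(v: int) -> bytes:
    # bit_length // 8 + 1 yields the minimal encoding with room for the sign bit
    return _tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

_N = int("C3" + "5A" * 126 + "A7", 16)             # constructed 1024-bit value
_DER = _tlv(0x30, _der_int(_N) + _der_int(65537))  # SEQUENCE { n, e }
SAMPLE_PEM = ("-----BEGIN RSA PUBLIC KEY-----\n"
              + base64.encodebytes(_DER).decode()
              + "-----END RSA PUBLIC KEY-----\n")

if __name__ == "__main__":
    result = check_order(SAMPLE_PEM, onion_v2_address(pem_to_der(SAMPLE_PEM)))
    print(result["derived"], result["matches"])
    print("SHA-256 of key:", result["sha256"])
```

If `matches` is false, the key being emailed is not the key behind the ordered name, and the mismatch should be resolved before validation proceeds.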