What is Domain Control Validation (DCV) / Domain Validation (DV)? Why is it necessary?
DCV or DV is the method by which the Certifying Authority (CA) verifies that you are authorised to request a certificate for that hostname by the domain owner. The DCV/DV check is compulsorily done by the CA for every new certificate purchase/request, certificate re-issue request, or certificate renewal request.
The DCV/DV validation can be done in any ONE of the following ways:
- Email with verification link to the domain owner from Email Approver list
- Adding a custom DNS entry (CNAME or TXT).
- Upload a custom file to a website folder
If I place an order for a Domain Validated SSL Certificate, which document(s) do I need to provide?
You do not need to provide any documentation in order to purchase a Domain Validated (DV) certificate. All you will need to do is confirm that you own the domain you wish to cover, either through a simple email or file or DNS-based validation.
If your website uses Privacy Protection services for your domain name, we recommend you do NOT use Email-based validation as it will delay the domain validation and certificate issue process.
I chose Email-based Domain Control Validation but I haven’t received my DCV email yet. What should I do?
There are a few actions you may take in this case:
- First, verify which email address you have chosen for the Domain Control Validation email. This may be different from the customer contact email information you provide during the generation process. Check if the email is listed in the Email Approver list for your domain.
- Make sure to check the Spam or Junk Mail folder of your email provider.
If you need to change your DCV email, or if your website’s domain name uses Domain/WHOIS Privacy Protection services to hide your email address, you can use any ONE of the five following pre-approved alias email if they already exist for your domain name:
To use one of the above email addresses instead of the one displayed in the domain WHOIS info, you can visit your Order Details page where you can set the required email address as approver. If the email address does not exist, make sure you create it before changing the email approver.
My File Authentication file has been uploaded to the wrong directory. What should I do?
Please upload your file to the correct directory. To make sure the authorization is successful make sure the file is viewable in the correct directory on BOTH yourdomain.com AND subdomain.yourdomain.com.
How long will validation take?
This largely depends on the type of certificate that you purchased and your response times. No matter which type of certificate that you purchase, the Certificate Authority (CA) will be contacting you directly and will only proceed with next steps upon your response. For Domain Validated (DV) certificates, these can typically be issued in a matter of minutes to one business day.
- Email-based DCV is completed as soon as you click the link and enter the verification code from the CA email.
- DNS-based DCV is completed when the CA detects the correct DNS entry (<em>CNAME</em> or <em>TXT</em> as the case may be) after it has propagated globally and depending on the TTL value could take from 1 to 4 hours in rare cases.
- File-based DCV is completed when the CA detects the file at the correct location and could take upto 4 hours.
Selected orders may be flagged for an additional Brand Validation procedure by the CA. That means that the CA’s managers will review your order as it requires manual check.
Possible reasons for manual review:
- Some countries may be reviewed manually, for example: South Korea, North Korea, Sudan, Afghanistan and some others.
- Your domain name include popular Brand name, for example: facebook-app.com, sony-shop.net and others.
- Your domain name has similar brand name, for example you have domain name “sibmama.com”, but validation system may flag your order as “sIBMama”, so “IBM” brand was found in your name, so managers must check order manually.
- Your domain name has special words: “pay, online, secure, booking, shop, bank, transfer, money, e-payment, payment, protection and others”, in that case validation also will be manual.
In most cases after the manual review the hold on order processing is removed. Manual review may take up to 24-48 business hours.
I completed the validation requirements, but never received the certificate. What should I do?
Please contact us so we can check if any issue exists. Possible issues you can check before contacting us are:
- For File-based DCV, there may be extra space(s) in the text file content, or a firewall setting may be blocking http/https requests from CA server IPs since they are located outside the country.
- For DNS-based DCV, the DNS record may not have been correctly created, or may need more time to propagate globally depending on the TTL value. Use the lowest possible TTL value for quickest validation.
After completing validation, the Certificate Authority (CA) will send the certificate to the email address that was used for Domain Control Validation. If, for whatever reason, the email address does not receive the email, you can download the files from the Order Details page on our website.
If you have difficulty locating the email with the Order Details page link after checking your Spam & Junk Mail folders, please submit a ticket so we can resolve your case.
Can I use the email address listed in the domain WHOIS info to complete Domain Control Validation (DCV)?
Yes, you can do this for all Comodo SSL Certificates listed on our website if your domain's domain registrar shares this info publicly. For RapidSSL, Thawte and GeoTrust certificates you need to use one of the 5 pre-approved email addresses. To know which email addresses are authorised to be DCV Approvers for your domain use this free DCV Email Approver Check tool.
Can I switch my method of Domain Control Validation from Email to File, or vice versa?
You can switch your method of Domain Control Validation by using the Reset Order button on your Order Details page. Thereafter you can choose one of the other DCV methods for validation.