Validate domains on an OV and EV TLS certificate order
Demonstrate control over domains on a pending OV or EV TLS certificate order
Industry standards (TLS Baseline Requirements) prevent CAs from issuing your TLS certificate until you demonstrate control over the domains and IP addresses on it. We refer to this process as the Domain Control Validation (DCV) process.
CertCentral features a domain validation process that allows you to validate your domains as part of the OV and EV TLS certificate issuance process.
Acronyms in this article: organization validation (OV), extended validation (EV), Transport Security Layer (TLS), Certificate Authorities (CAs) Domain Name System (DNS), text (TXT), Conical Name (CNAME), Certificate Authority Authorization (CAA), Hypertext Transfer Protocol (HTTP)
How the process works when validating domains on a pending OV and TLS certificate order
When you order an OV and EV TLS certificate, you’re required to select a DCV method to validate the domains on the certificate. When done, CertCentral takes you to the certificate's pending Order details page. From this page, you can use the selected DCV method to demonstrate control over the domains.
You can use one DCV method to validate all domains on a certificate or use a different one as needed. You can always switch validation methods if needed from the Order details page.
For example, you selected DNS TXT Record when ordering your certificate. However, your certificate includes three domains and an IP address. You can use DNS TXT record to validate the domains, but you must use HTTP Practical Demonstration to validate the IP address.
Supported DCV methods for validating domains on an OV and EV TLS certificate
DCV type | DCV methods | Resources |
|---|---|---|
Email-based |
| |
DNS-based |
| |
Website-based |
| |