Validate domains on a domain validation (DV) TLS certificate order
Validate each domain included in a DV TLS certificate order before DigiCert issues the certificate. Domain validation must be complete for all domains on the order before the certificate can be issued.
Important
DV certificates do not support domain prevalidation or domain validation reuse.
Each DV certificate order requires domain validation, including renewals and reissues.
When you order a DV certificate, you must select a DCV method to validate the domains on the certificate. CertCentral takes you to the certificate's pending Order details page where you complete domain validation. You can switch validation methods if needed.
Supported DCV methods for DV certificates
With DV certificate orders, you must use one DCV method to validate all domains on the order.
DCV type | DCV methods |
|---|---|
Email-based | Email to DNS TXT record contact, Email to DNS CAA record contact, Constructed email |
DNS-based | DNS TXT record, DNS CNAME record |
Website-based | HTTP Practical Demonstration |
Notice
The following methods are not supported for DV certificates:
HTTP Practical Demonstration with unique filename
Domain prevalidation
For detailed steps for each method, see the relevant topic in this chapter.
IP address and wildcard domain constraints
Consider the following constraints when adding IP addresses and wildcard domains to DV certificates:
If the certificate includes an IP address, you must use HTTP Practical Demonstration to validate it.
If the certificate includes a wildcard domain, you cannot use HTTP Practical Demonstration to validate it.
Notice
DigiCert recommends that you do not include wildcard domains and IP addresses on the same DV certificate.