Skip to main content

Perform domain control validation (DCV)

Before DigiCert issues a certificate, you must demonstrate control over the fully qualified domain names or IP addresses included in your request. This process is called domain control validation (DCV).

Industry standards defined in the TLS certificate baseline requirements require certificate authorities to verify that the requester controls the domains and IP addresses on every certificate before issuance.

Complete DCV in one of the following ways:

  • Before ordering certificates using domain prevalidation

  • During a pending certificate order

  • As part of an Automated Certificate Management Environment (ACME) workflow

DigiCert supports the following DCV methods:

  • Email validation

  • DNS TXT and CNAME records

  • HTTP practical Demonstration

  • ACME HTTP-01 and DNS-01 challenges

Notice

Domain validation reuse rules vary by certificate type. Organization-validated (OV) and extended validation (EV) certificates support reuse within the allowed period. Domain validation (DV) certificates require validation during each order and do not support reuse.

This chapter explains how to:

  • Select a supported domain control validation method

  • Validate domains before or during certificate orders

  • Complete validation for OV, EV, and DV certificates

  • Resolve common configuration issues that prevent validation

Related topics

Set up UltraDNS to CertCentral connection to automate DNS-based domain validation and eliminate manual record management

In questa sezione: