Skip to main content

Find the random value for your domain in CertCentral to finish the domain validation

Follow these instructions to get your domain’s random value. Use it to validate your domain with the DNS TXT Record, DNS CNAME Record, or HTTP Practical Demonstration DCV methods.

Acronyms in this article: Domain Name System (DNS), Transport Security Layer (TLS), Domain Validation (DV), Organization Validation (OV), Extended Validation (EV), Domain Control Validation (DCV)

Before you begin

Demonstrating control over domains on DV, OV, and EV TSL/SSL certificate orders

When ordering a DV, OV, or EV TLS certificate, you add domains and select the DCV method. If you select DNS TXT record, DNS CNAME record, or HTTP Practical Demonstration DCV, you need a DigiCert-generated random value to validate the domains on your order.

To find the random value, go to the DV, OV, or EV TLS certificate’s “Order details” page. Use this random value  to validate any domain in the order. See the Find the random value on your pending TLS certificate’s Order details page section in this article.

Validating domains before ordering certificates (domain pre-validation)

When pre-validating a domain, add it to CertCentral, then select the DCV method. If selecting DNS TXT, DNS CNAME, or HTTP Practical Demonstration, you need a DigiCert-generated random value to validate the domain.

To find the random value, go to the domain’s detail page. Use the value from this page to validate just this domain. See the Find the random value on the domain’s details page section in this article.

Random values expire after 30 days

When using a random value-based DCV method, DigiCert generates a random value that expires after 30 days. If it expires before validation is finished, DigiCert generates a new one. If your random value doesn't work, check if it has been replaced.

Using the random value with the DNS CNAME Record DCV method

For DNS CNAME, add “.dcv.digicert.com” directly to the end of your DigiCert-generated random value, then enter the complete value in your CNAME record. For example: _bs4fk5mhaqwf3902xevxvx.dcv.digicert.com

Find the random value on your pending TLS certificate’s order details page

  1. In CertCentral go to the certificate's "Order details" page.

    1. In the left main menu, go to Certificates > Orders.

    2. On the Orders page, in the Order # column, select the certificate's order number link.

    3. For CertCentral Subscription accounts, the steps to access the Order # detail page are different.

      1. In the left main menu, go to My Digital Trust Products > Certificates.

      2. On the Certificates page, in the Order # column, select the certificate's order number link.

  2. On the certificate’s Order # details page, on the Details tab, under What do you need to do, select the domain for which you need the random value.

  3. In the Prove control over your domain window, copy the DigiCert-generated random value (referred to as order token).

    The random values expire 30 days after the order is submitted. When the value expires, DigiCert automatically generates a new random value unless the domain validation is finished.

Find the random value on the domain’s details page

  1. In CertCentral, in the left menu, go to Certificates > Domains.

    For CertCentral Subscription accounts, in the left menu, go to Validation > Domains.

  2. On the Domains page, select the domain for which you need the random value.

  3. On the domain’s details page, in the Domain control validation (DCV) method section, under Your unique verification token, copy the DigiCert-generated random value.

    The random value expires 30 days after the domain is submitted for validation. When the value expires, DigiCert automatically generates a new random value unless the domain validation is complete.

What’s next

Now, you can use the random value to validate your domains:

Troubleshooting

Why isn’t the random value always the same for a domain?

  • One random value

    When you order an OV or EV certificate and select a random value-based DCV method, CertCentral adds new domains from the order to the Domains page. We generate a unique random value for the domain and add it to the certificate’s “Order details” page and the domain’s details page.

    Because both events happen in the same instance, when submitting an order with a new domain, we generate a random value for the domain on the order and the domain’s details page.

  • Different random values

    The random value is different if the events don’t occur at the same time and if something is different. This happens because we generate a random value for each separate “event.”

    For example:

    • You submit the domain for validation (pre-validation process) and then order an OV or EV TLS certificate for the domain.

    • You order another OV or EV TLS certificate and include a different organization name.

    • You order multiple TLS certificates for a domain.

Should I be concerned?

No, if DigiCert generates two or more unique random values for a domain, don’t worry. All random values work. Use one of them to finish random-value-based domain validation.

Nesta secção: