Skip to main content

使用 DNS CNAME 驗證方法確認網域控制

採用 DNS CNAME 記錄證明有您的網域的控制權

檢查您的 TLS/SSL 憑證訂單的狀態,然後使用 DNS CNAME 記錄 DCV 方法證明對訂單上的網域擁有控制權。如需更多資訊,請參閱證明對您的 SSL 憑證訂單上的網域擁有控制權

檢查您的 TLS/SSL 憑證訂單的狀態,然後使用 DNS CNAME 記錄 DCV 方法證明對訂單上的網域擁有控制權。如需更多資訊,請參閱證明對您的 SSL 憑證訂單上的網域擁有控制權

Validate domains before adding them to your certificate orders

For faster certificate issuance, validate domains before adding them to your OV/EV TLS certificate orders. To learn more about this domain validation process, see Supported DCV methods for validating domains in your CertCentral account.

步驟 1:檢查您的擱置的訂單的狀態

  1. 在您的 CertCentral 帳戶中,前往訂單的訂單編號詳細資料頁面。

    1. 在左側的主功能表中,前往憑證 > 訂單

    2. 訂單頁面的訂單編號欄中,按一下憑證的訂單編號連結。

  2. 訂單編號詳細資料頁面的訂單狀態區段中,檢查訂單的發行狀態 (要完成等待進行網域或組織驗證的訂單?)。

    After validation is completed, the Certificate status section no longer appears on the Order # details page.

  3. Under What do you need to do, select the domain's link you want to validate.

  4. In the Prove control over domain window, in the Domain control validation (DCV) method menu, select DNS CNAME Record and then select Save.

  5. Under 2. Add the DigiCert provided token to your CNAME record, in the Order token box, copy the DigiCert-provided random value.

    The random value expires after 30 days.

  6. Use one of the options below to create your DNS CNAME records:

    1. Option 1. (preferred): Create the DNS CNAME record with the static prefix _dnsauth

      1. Go to your DNS provider’s site and create a new CNAME record.

      2. In the hostname field (or equivalent), enter _dnsauth.

      3. In the record type field (or equivalent), select CNAME.

      4. In the target host field (or equivalent), enter [random_value].dcv.digicert.com to point the CNAME record to dcv.digicert.com.

      5. Select a Time-to-Live (TTL) value or use your DNS provider's default value.

      6. Save the record.

    2. Option 2: Create the DNS CNAME record

      1. Go to your DNS provider’s site and create a new CNAME record.

      2. In the hostname field (or equivalent), enter the random value copied from your CertCentral account.

      3. In the record type field (or equivalent), select CNAME.

      4. In the target host field (or equivalent), enter dcv.digicert.com to point the CNAME record to dcv.digicert.com.

      5. Select a Time-to-Live (TTL) value or use your DNS provider's default value.

      6. Save the record.

  7. Complete domain validation.

    1. In your CertCentral account, go to the certificate's Order # details page.

    2. On the Order # details page, in the Certificate status section, under What do you need to do, locate and select the domain link.

    3. In the Prove control over domain window, under 5. Complete domain validation, select Check record.

: