Skip to main content

使用 DNS CNAME 驗證方法確認網域控制

採用 DNS CNAME 記錄證明有您的網域的控制權

Use these instructions to validate a domain using the DNS CNAME DCV method. In the domains DNS as a CNAME record, add _dnsauth in the hostname field. Then, add [random_value].dcv.digicert.com to the target host field, to point the random value and domain to DigiCert at dcv.digicert.com.

檢查您的 TLS/SSL 憑證訂單的狀態,然後使用 DNS CNAME 記錄 DCV 方法證明對訂單上的網域擁有控制權。如需更多資訊,請參閱證明對您的 SSL 憑證訂單上的網域擁有控制權

Before you begin

For faster certificate issuance, validate domains before ordering your OV and EV TLS certificates. Learn more about domain prevalidation.

Acronyms used in this article: Domain Name System (DNS), Canonical Name (CNAME), Transport Security Layer (TLS), organization validation (OV), extended validation (EV)

步驟 1:檢查您的擱置的訂單的狀態

  1. 在您的 CertCentral 帳戶中,前往訂單的訂單編號詳細資料頁面。

    1. In the left main menu, go to Certificates > Orders.

    2. On the Orders page, in the Order # column, select the certificate's order number link.

    3. For CertCentral Subscription accounts, the steps to access the Order # detail page are different.

      1. In the left menu, go to My Digital Trust Products > Certificates.

      2. On the Certificates page, in the Order # column, select the certificate's order number link.

  2. 訂單編號詳細資料頁面的訂單狀態區段中,檢查訂單的發行狀態 (要完成等待進行網域或組織驗證的訂單?)。

    When validation is done the Certificate status section no longer appears on the Order # details page.

  3. Under What do you need to do, select the domain's link you want to validate.

  4. In the Prove control over domain window, in the Domain control validation (DCV) method menu, select DNS CNAME Record and then select Save.

  5. Under 2. Add the DigiCert provided token to your CNAME record, in the Order token box, copy the DigiCert-provided random value.

    The random value expires in 30 days.

  6. Create your DNS CNAME record.

    1. Go to your DNS provider’s site and create a new CNAME record.

      For more detailed instructions for creating or updating a DNS CNAME record, try the following resources:

      • Your DNS provider's documentation.

      • DigiCert knowledge base for articles like this one: Create a CNAME Record.

    2. In the hostname field (or equivalent), enter _dnsauth.

    3. In the record type field (or equivalent), select CNAME.

    4. In the target host field (or equivalent), enter [random_value].dcv.digicert.com to point the CNAME record to dcv.digicert.com.

    5. Select a Time-to-Live (TTL) value or use your DNS provider's default value.

    6. Save the record.

    Important

    On October 28, 2025, DigiCert ended support for the [random_value] prefix DNS CNAME record configuration. To learn more about this change, see the October 28 change log entry.

  7. Complete domain validation.

    1. In CertCentral, go to the certificate's Order # details page.

      1. In the left menu, go to Certificate > Orders.

      2. On the Orders page, in the Order # column, select the certificate's order number link.

      For CertCentral Subscription accounts:

      1. In the left menu, go to My Digital Trust Products > Certificates.

      2. On the Certificates page, in the Order # column, select the certificate's order number link.

    2. On the Order # details page, in the Certificate status section, under What do you need to do, select the domain link.

    3. In the Prove control over domain window, under 5. Complete domain validation, select Check record.

: