Skip to main content

使用 DNS TXT 驗證方法確認網域控制

Demonstrate domain control with the DNS TXT record domain control validation (DCV) method

Use these instructions to demonstrate control over a domain by creating a DNS TXT record that includes a DigiCert-generated random value. Once the DNS TXT record is ready, DigiCert searches the domain's DNS records to confirm the presence of your random value.

For more information, see Demonstrate control over domains on your SSL certificate order.

Before you begin

For faster certificate issuance, validate domains before adding them to your OV/EV TLS certificate orders. To learn more about this domain validation process, see Supported DCV methods for validating domains in your CertCentral account.

Use DNS TXT record to demonstrate control over a domain on an OV/EV TLS certificate

  1. 在您的 CertCentral 帳戶中,前往訂單的訂單編號詳細資料頁面。

    1. In the left main menu, go to Certificates > Orders.

    2. On the Orders page, in the Order # column, select the certificate's order number link.

    3. For CertCentral Subscription accounts, the steps to access the Order # detail page are different.

      1. In the left main menu, go to My Digital Trust Products > Certificates,

      2. On the Certificates page, in the Order # column, select the certificate's order number link.

  2. 訂單編號詳細資料頁面的訂單狀態區段中,檢查訂單的發行狀態 (要完成等待進行網域或組織驗證的訂單?)。

    After validation is completed, the Certificate status section no longer appears on the page.

  3. Under What do you need to do, select the domain's link you want to validate.

  4. In the Prove control over domain window, in the Domain control validation (DCV) method menu, select DNS TXT Record and then select Save.

  5. Under 2. Add the DigiCert provided token to your TXT record, in the Order token box, copy the DigiCert-provided random value.

    The random value expires after 30 days.

  6. Create the DNS TXT record

    1. Go to your DNS provider’s site and create a new TXT record.

      For more detailed instructions for creating or updating a DNS TXT record, try the following resources:

    2. In the TXT Value field, paste the random value copied from your DigiCert account.

    3. Concerning the Host field:

      1. Base Domain (example.com)

        If you are validating the base domain, leave the Host field blank, or use the @ symbol (depending on your DNS provider requirements).

      2. Subdomain (sub.example.com)

        In the Host field, enter the subdomain that you are validating.

    4. In the record type field (or equivalent), select TXT.

    5. Select a Time-to-Live (TTL) value or use your DNS provider’s default value.

    6. Save the record.

  7. Complete the domain validation

    1. In CertCentral, go to the certificate's Order # details page.

      1. In the left main menu, go to Certificates > Orders.

      2. On the Orders page, in the Order # column, select the TLS certificate's order number link.

      For CertCentral Subscription accounts:

      1. In the left menu, go to My Digital Trust Products > Certificates.

      2. On the Certificates page, in the Order # column, select the TLS certificate's order number link.

    2. On the Order # details page, in the Certificate status section, under What do you need to do, select the domain link.

    3. In the Prove control over domain window, under 5. Complete domain validation, select Check site.

: