Select a DCV method for OV and EV certificates

Email to DNS TXT record contact

DigiCert sends an authorization email to the address in the domain's DNS TXT record

Environments where DNS access is available and a monitored contact email is defined

Add and validate a domain using email to DNS TXT record contact

Email to DNS CAA record contact

DigiCert sends an authorization email to the address in the domain's CAA record

Environments where a CAA record contact email is already configured

Add and validate a domain using email to DNS CAA record contact

Constructed email

DigiCert sends authorization emails to standard administrative addresses such as admin@ and webmaster@

Environments where standard administrative email aliases are monitored

Add and validate a domain using constructed email

DNS TXT record

Add a DigiCert-generated random value to the domain's DNS as a TXT record

Most environments. Recommended as the least vulnerable to industry changes.

Add and validate a domain using DNS TXT record

DNS CNAME record

Create a CNAME record pointing to a DigiCert validation host

Environments where DNS access is available and the domain uses CNAME routing

Add and validate a domain using DNS CNAME record

HTTP Practical Demonstration

Place a DigiCert-generated file on the web server at a specific URL

Environments with web server access and open port 80. Supports IPv4 and IPv6 address validation.

Add and validate a domain using HTTP Practical Demonstration

HTTP Practical Demonstration with unique filename

DigiCert goes to a predetermined location on your website to confirm the presence of a DigiCert-generated random value in a file with a DigiCert-generated unique filename.

Environments where a central server hosts validation files for multiple domains. OV and EV only (not supported for DV).

Add and validate a domain using HTTP Practical Demonstration with unique filename