Validating domains

Validate a domain

Depending on the configuration of your account, the option to perform domain control validation (DCV) may not be available on the Domains page. In this scenario, follow the instructions in the Validate a domain (no prevalidation) to complete DCV for each certificate request.
  • Automated DNS

  • DNS CNAME

  • DNS TXT

  • Email

  • HTTP(S)

This requires the configuration of a Sectigo DNS connector. For more information, see Understanding DNS connectors.
  1. Navigate to Domains.

  2. Select the domain to be validated, and click Validate.

  3. Select the Automated DNS DCV method.

  4. Click Start.

  5. Select the DNS connector to be used.

  6. Select the appropriate DNS provider.

  7. Click Submit.

  1. Navigate to Domains.

  2. Select the domain to be validated, and click Validate.

  3. Select the DNS CNAME DCV method.

  4. Click Start.

  5. Add the Canonical Name (CNAME) record to your domain’s DNS settings.

    1. Sign into your domain registrar’s website or your DNS provider.

      Your domain registrar’s website is where you purchased your domain.
    2. Locate the option to add a new DNS record, and select CNAME as the record type.

    3. In the Host or Alias field, enter the CNAME Host/Label value provided.

    4. In the Target or Points to field, enter the CNAME Target/Destination value provided.

    5. Save the changes.

  6. Click Submit.

  1. Navigate to Domains.

  2. Select the domain to be validated, and click Validate.

  3. Select the DNS TXT DCV method.

  4. Click Start.

  5. Add the TXT record to your domain’s DNS settings.

    1. Sign into your domain registrar’s website or your DNS provider.

      Your domain registrar’s website is where you purchased your domain.
    2. Locate the option to add a new DNS record, and select TXT as the record type.

    3. In the Label/Host field, enter the TXT Host/Label value provided.

    4. In the Destination/Target field, enter the TXT Target/Destination value provided.

    5. Save the changes.

  6. Click Submit.

  7. (Optional) Click Check Now to check the status of the DNS TXT record.

  8. Click Close.

  1. Navigate to Domains.

  2. Select the domain to be validated, and click Validate.

  3. Select the Email DCV method.

  4. Click Start.

  5. Select an appropriate email address.

  6. Click Submit.

  7. Once you receive the validation email, click the included validation link.

  1. Navigate to Domains.

  2. Select the domain to be validated, and click Validate.

  3. Select the HTTP or HTTPS DCV method.

  4. Click Start.

  5. Upload the verification file to your web server.

    1. Download the provided verification file.

    2. Upload the verification file to your web server in the <public document root>/.well-known/pki-validation directory.

      The <public document root> folder is often named wwwRoot, html, www, or htdocs.
    3. Click the provided validation URL to confirm that the file is publicly accessible.

  6. Click Submit.

Validate a domain (no prevalidation)

In order to validate a domain when prevalidation is disabled for your account, you must first complete a certificate request, and the certificate’s status must be Applied.
  • DNS CNAME

  • DNS TXT

  • Email

  • HTTP(S)

  1. Navigate to Certificates  SSL Certificates.

  2. Select the certificate for which to validate the domain, and click View.

  3. Open the Management tab.

  4. Expand Domain Control Validation.

  5. Add the Canonical Name (CNAME) record to your domain’s DNS settings.

    1. Sign into your domain registrar’s website or your DNS provider.

      Your domain registrar’s website is where you purchased your domain.
    2. Locate the option to add a new DNS record, and select CNAME as the record type.

    3. In the Host or Alias field, enter the CNAME Host/Label value provided.

    4. In the Target or Points to field, enter the CNAME Target/Destination value provided.

    5. Save the changes.

  6. (Optional) Click Check Now to check the status of the DNS CNAME record.

  1. Navigate to Certificates  SSL Certificates.

  2. Select the certificate for which to validate the domain, and click View.

  3. Open the Management tab.

  4. Expand Domain Control Validation.

  5. Add the TXT record to your domain’s DNS settings.

    1. Sign into your domain registrar’s website or your DNS provider.

      Your domain registrar’s website is where you purchased your domain.
    2. Locate the option to add a new DNS record, and select TXT as the record type.

    3. In the Label/Host field, enter the TXT Host/Label value provided.

    4. In the Destination/Target field, enter the TXT Target/Destination value provided.

    5. Save the changes.

  6. (Optional) Click Check Now to check the status of the DNS TXT record.

Once the certificate request was submitted, an email was sent to the email address provided. To resend the validation email, do the following:

  1. Navigate to Certificates  SSL Certificates.

  2. Select the certificate for which to validate the domain, and click View.

  3. Open the Management tab.

  4. Expand Domain Control Validation.

  5. Click Resend Email.

  6. Once you receive the validation email, click the included validation link.

  1. Navigate to Certificates  SSL Certificates.

  2. Select the certificate for which to validate the domain, and click View.

  3. Open the Management tab.

  4. Expand Domain Control Validation.

  5. Upload the verification file to your web server.

    1. Download the provided verification file.

    2. Upload the verification file to your web server in the <public document root>/.well-known/pki-validation directory.

      The <public document root> folder is often named wwwRoot, html, www, or htdocs.
    3. Click the provided validation URL to confirm that the file is publicly accessible.

(Optional) Click Check Now to check the status of the HTTP(S) text record.

Validate domains in bulk

  1. Navigate to Domains.

  2. Select the domains to be validated, and click Validate.

    Only domains sharing a common domain administrative email can be validated together.
  3. Select an appropriate email address.

  4. Click Submit.

  5. Once you receive the validation email, click the included validation link.

Managing domain validations

Revalidate a domain

  • Automated DNS

  • DNS CNAME

  • DNS TXT

  • Email

  • HTTP(S)

This requires the configuration of a Sectigo DNS connector. For more information, see Understanding DNS connectors.
  1. Navigate to Domains.

  2. Select the domain to be validated, and click Validate.

  3. Select the Automated DNS DCV method.

  4. Click Start.

  5. Select the DNS connector to be used.

  6. Select the appropriate DNS provider.

  7. Click Submit.

  1. Navigate to Domains.

  2. Select the domain you want to revalidate.

  3. Click Revalidate.

  4. Select the DNS CNAME DCV method.

  5. Click Start.

  6. Add the Canonical Name (CNAME) record to your domain’s DNS settings.

    1. Sign into your domain registrar’s website or your DNS provider.

      Your domain registrar’s website is where you purchased your domain.
    2. Locate the option to add a new DNS record, and select CNAME as the record type.

    3. In the Host or Alias field, enter the CNAME Host/Label value provided.

    4. In the Target or Points to field, enter the CNAME Target/Destination value provided.

    5. Save the changes.

  7. Click Submit.

  1. Navigate to Domains.

  2. Select the domain you want to revalidate.

  3. Click Revalidate.

  4. Select the DNS TXT DCV method.

  5. Click Start.

  6. Add the TXT record to your domain’s DNS settings.

    1. Sign into your domain registrar’s website or your DNS provider.

      Your domain registrar’s website is where you purchased your domain.
    2. Locate the option to add a new DNS record, and select TXT as the record type.

    3. In the Label/Host field, enter the TXT Host/Label value provided.

    4. In the Destination/Target field, enter the TXT Target/Destination value provided.

    5. Save the changes.

  7. Click Submit.

  8. (Optional) Click Check Now to check the status of the DNS TXT record.

  9. Click Close.

  1. Navigate to Domains.

  2. Select the domain you want to revalidate.

  3. Click Revalidate.

  4. Select the Email DCV method.

  5. Click Start.

  6. Select an appropriate email address.

  7. Click Submit.

  8. Once you receive the validation email, click the included validation link.

  1. Navigate to Domains.

  2. Select the domain you want to revalidate.

  3. Click Revalidate.

  4. Select the HTTP or HTTPS DCV method.

  5. Click Start.

  6. Upload the verification file to your web server.

    1. Download the provided verification file.

    2. Upload the verification file to your web server in the <public document root>/.well-known/pki-validation directory.

      The <public document root> folder is often named wwwRoot, html, www, or htdocs.
    3. Click the provided validation URL to confirm that the file is publicly accessible.

  7. Click Submit.

  8. Once you receive the validation email, click the included validation link.

Clear DCV

Once you clear a domain’s DCV status, you cannot issue publicly trusted certificates for the domain until it is validated again.
  1. Navigate to Domains.

  2. Select the domain for which to clear validation.

  3. Click the Clear DCV icon.

  4. (Optional) Select Clear `SECTIGO Public CA` backend to force revalidation to also clear the domain’s DCV status from the Sectigo Public CA backend.

  5. Click Clear.