What is Domain Control Validation (DCV) / Domain Validation (DV)? Why is it necessary?
DCV or DV is the method by which the Certifying Authority (CA) verifies that you are authorised to request a certificate for that hostname by the domain owner. The DCV/DV check is compulsorily done by the CA for every new certificate purchase/request, certificate re-issue request, or certificate renewal request.
The DCV/DV validation can be done in any ONE of the following ways:
- Email with verification link to the domain owner from Email Approver list
- Upload a custom file to a website folder
- Adding a custom DNS entry (CNAME or TXT).
If I place an order for a Domain Validated SSL Certificate, which document(s) do I need to provide?
You do not need to provide any documentation in order to purchase a Domain Validated (DV) certificate. All you will need to do is confirm that you own the domain you wish to cover, either through a simple email or file or DNS-based validation.
If your website uses Privacy Protection services for your domain name, we recommend you do NOT use Email-based validation as it will delay the domain validation and certificate issue process.
I chose Email-based Domain Control Validation but I haven’t received my DCV email yet. What should I do?
There are a few actions you may take in this case:
- First, verify which email address you have chosen for the Domain Control Validation email. This may be different from the customer contact email information you provide during the generation process. Check if the email is listed in the Email Approver list for your domain.
- Make sure to check the Spam or Junk Mail folder of your email provider.
If you need to change your DCV email, or if your website’s domain name uses Domain/WHOIS Privacy Protection services to hide your email address, you can use any ONE of the five following pre-approved alias email if you have already created them for your domain name:
To use one of the above email addresses instead of the one displayed in the domain WHOIS info, you must contact the Support team via the Contact Support link on the Order Details page, and make a request to change the DCV email address mentioning the order/invoice number, and ONE of the five email addresses mentioned above where you want to receive the DCV email. If the email address does not exist, make sure you create it before making this request from the Support team.
My File Authentication file has been uploaded to the wrong directory. What should I do?
Please upload your file to the correct directory. To make sure the authorization is successful make sure the file is viewable in the correct directory on BOTH yourdomain.com AND subdomain.yourdomain.com.
How long will validation take?
This largely depends on the type of certificate that you purchased and your response times. No matter which type of certificate that you purchase, the Certificate Authority (CA) will be contacting you directly and will only proceed with next steps upon your response. For Domain Validated (DV) certificates, these can typically be issued in a matter of minutes to one business day.
- Email-based DCV is completed as soon as you click the link and enter the verification code from the CA email.
- File-based DCV is completed when the CA detects the file at the correct location and could take upto 4 hours.
- DNS-based DCV is completed when the CA detects the correct DNS entry (CNAME or TXT as the case may be) after it has propagated globally and could take upto 12 hours in rare cases.
Selected orders may be flagged for an additional Brand Validation procedure by the CA. That means that the CA’s managers will review your order as it requires manual check.
Possible reasons for manual review:
- Some countries may be reviewed manually, for example: South Korea, North Korea, Sudan, Afghanistan and some others.
- Your domain name include popular Brand name, for example: facebook-app.com, sony-shop.net and others.
- Your domain name has similar brand name, for example you have domain name “sibmama.com”, but validation system may flag your order as “sIBMama”, so “IBM” brand was found in your name, so managers must check order manually.
- Your domain name has special words: “pay, online, secure, booking, shop, bank, transfer, money, e-payment, payment, protection and others”, in that case validation also will be manual.
In most cases after the manual review the hold on order processing is removed. Manual review may take up to 24-48 business hours.
I completed validation, but never received the certificate. What should I do?
After completing validation, the Certificate Authority (CA) will send the certificate to the email address that was used for Domain Control Validation. If, for whatever reason, the email address does not receive the email, you can download the files from the Order Details page on our website.
If you have difficulty locating the email with the Order Details page link after checking your Spam & Junk Mail folders, please contact us via the Contact form on the About getSSL page.
Can I use the email address listed in the domain WHOIS info to complete Domain Control Validation (DCV)?
Yes, you can do this for all Comodo SSL Certificates listed on our website. For RapidSSL, Thawte and GeoTrust certificates you need to use one of the 5 pre-approved email addresses. To know which email addresses are authorised to be DCV Approvers for your domain use this free DCV Email Approver Check tool.
Can I switch my method of Domain Control Validation from Email to File, or vice versa?
You can switch your method of Domain Control Validation from file-based to email-based for any SSL product that we provide. You can switch from email-based to file-based only for Comodo products. To request change of DCV method you must contact the Support team via the Contact Support link on the Order Details page.