The Domain Validated (DV) SSL certificates are the most elementary of the three types of SSL/TLS certificates. While Organization Validated (OV) and Extended Validated (EV) require several steps in which the Certificate Authority vets the company or organization applying for the certificate, Domain Validation is just a single one time step. The Certificate Authority must simply verify that the person or organization that is applying for the certificate owns the registered domain.

What is Domain Validation?

To meet the Domain Validation requirement you must prove you own the domain name that was submitted with the order.

The quickest, and most preferred method for accomplishing this is via email-based verification. During email-based authentication, the CA will send an email to the WHOIS registrar email address (the email that shows on the domain WHOIS) asking them to verify that they did indeed register for a certificate. Once you reply to that email in the affirmative, the requirement is considered satisfied and the certificate is issued.

This can be done in just minutes.

The CA can also send the authentication email to one of five pre-approved email addressesassociated with the website. The five pre-approved addresses are:

  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]

If you cannot satisfy the Domain Validation requirement via email, there are alternative methods as well.

Alternative Methods

There are two extra ways to satisfy the Domain Validation requirement, though one of them is exceptional to Comodo. Those alternative methods are:

  • File-Based Authentication – The CA will provide you with a text file that you will need to upload to the root directory of your website. This will then be verified by the CA via HTTP or HTTPS.
  • CNAME-Based Authentication (Comodo Only) – Comodo will provide you with two unique hash values (these are MD5 and SHA1). You, in turn, must enter them in your CNAME DNS record. You must use the following format: <MD5 hash> CNAME <SHA-1 hash> Once this is complete, Comodo will check on it and use it to satisfy the Domain Validation requirement.