Methods of Domain Control Validation (DCV)
Friday, September 9, 2016
Methods of Domain Control Validation (DCV) : -
All Comodo certificates must pass through DCV. before they are issued. Domain Control Validation is a mechanism used to prove ownership or control of a registered domain name.
There are 3 mechanisms for Domain Control Validation:
1. eMail-based DCV (Traditional) :-
You will be sent an email to an administrative contact for your domain. The email will contain a unique validation code and link. Clicking the link and entering the code will prove domain control.
Valid email addresses are:
Any email address which our system can scrape from a port 43 whois check;
The following generic admin type email addresses @ the domain for which the certificate is being applied:
admin@
administrator@
postmaster@
hostmaster@
webmaster@
2. DNS CNAME-based :-
The CSR you submit to Comodo will be hashed. The hash values are provided to you and must be entered as a DNS CNAME record for your domain.
The hashes are to be entered as follows:
.yourdomain.com. CNAME .comodoca.com.
Note: Please take notice the trailing period/fullstop at the tail end of each of the TLDs as this is required to make the entry fully-qualified.
Note2: yourdomain.com in the example above (and below in the HTTP(S) method instructions) means the Fully Qualified Domain Name (FQDN) contained in the certificate. If you are ordering a MDC or UCC certificate, separate CNAME records must be created for EACH FQDN in your order.
Examples:
.subdomain1.yourdomain.com. CNAME .comodoca.com.
.subdomain2.yourdomain.com. CNAME .comodoca.com.
All Comodo certificates must pass through DCV. before they are issued. Domain Control Validation is a mechanism used to prove ownership or control of a registered domain name.
There are 3 mechanisms for Domain Control Validation:
1. eMail-based DCV (Traditional) :-
You will be sent an email to an administrative contact for your domain. The email will contain a unique validation code and link. Clicking the link and entering the code will prove domain control.
Valid email addresses are:
Any email address which our system can scrape from a port 43 whois check;
The following generic admin type email addresses @ the domain for which the certificate is being applied:
admin@
administrator@
postmaster@
hostmaster@
webmaster@
2. DNS CNAME-based :-
The CSR you submit to Comodo will be hashed. The hash values are provided to you and must be entered as a DNS CNAME record for your domain.
The hashes are to be entered as follows:
Note: Please take notice the trailing period/fullstop at the tail end of each of the TLDs as this is required to make the entry fully-qualified.
Note2: yourdomain.com in the example above (and below in the HTTP(S) method instructions) means the Fully Qualified Domain Name (FQDN) contained in the certificate. If you are ordering a MDC or UCC certificate, separate CNAME records must be created for EACH FQDN in your order.
Examples:
3. HTTP(S)-based DCV :-
The CSR you submit to Comodo will be hashed. The hash values are provided to you and you must create a simple plain-text file and place this in the root of your webserver and served over HTTP-only!
The file and it's content should be as follows:
http://yourdomain.com/.txt
Content (as a plain text file):
comodoca.com
Note: The DCV will fail if any redirection is in place.
Note 2: yourdomain.com in the example above (and in the CNAME method instructions; above) means the Fully Qualifed Domain Name (FQDN) contained in the certificate. If you are ordering a MDC or UCC, each FQDN in the certificate MUST have the TXT file in place in its root folder.
Examples:
subdomain1.yourdomain.com/.txt
subdomain2.yourdomain.com/.txt
this content is powered by comodo.com. and ref source of this article is below.
https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/791/0/alternative-methods-of-domain-control-validation-dcv
0 comments:
Post a Comment