SSL-certificate validation

Domain validation (DV – Domain Validation).

Initial level of trust.
There are three ways to confirm that the domain belongs to you. Let’s consider each separately.

By e-mail.

The domain administrator needs to create a mailbox at which the letter from the certification authority will be received. The following names are allowed:

  • admin@
  • administrator@
  • webmaster@
  • hostmaster@
  • postmaster@

In the letter you will receive a unique code and a confirmation link. Copy the code, follow the link, and paste the code into the appropriate field.

Other methods are required to obtain Comodo certificates.

Using DNS records.

After generating a CSR (Certificate Signing Request), you will receive the hash values of your request, which are needed in the CNAME record of your domain zone. This entry has a strict format and will look like this:

_.. CNAME .[.]comodoca.com.
It should be noted that:

  • The SHA-256 hash is split in two by a “.” (dot), with 32 characters on each side;
  • A record is considered valid if the domain name ends with a “.” (dot);
  • Multi-domain certificates require individual CNAME records, i.e. in your order, they must be created for each domain separately;
  • You don’t need to include “www” in the CNAME record, even if you’re getting a certificate for that particular subdomain.

For clarity, consider an example for a subdomain:

_09f7e02f1975bf211da707a341f153b3.subdomain0.mydomain.com. CNAME 3d874ab7b199418a9014258369048163.9eb1f1472f4da5aa1ab5bcca1b0df53.comodoca.com.

For www domain:

_81f9e13a1855bf221da717a341f153b3.mydomain.com. CNAME 3d874ab7bacd5f2e3a9e1f2b3a3cc163.1ae0cbd19f4da5aa1ab5bcca1aedf64.comodoca.com.

Using HTTP(S)

After generating the CSR (Certificate Signing Request), you will get the hash values of your request. To pass validation, you need to create a text file and place it according to the rules:

The file must be available via the link:
http:///.well-known/pki-validation/.txt
File content – 2 lines:

comodoca.com

Important!

  • Validation will fail if redirects are used;
  • Be sure to check the existence of all directories in the above path;
  • If a Multi-Domain Certificate is ordered, then the file must be available for each domain;
  • Checking of the www domain occurs on the main domain;
  • The name of the .txt file does not start with an underscore (_) and is in uppercase;
  • The hash in the file contents does not need to be separated by a dot. There is no dot after comodoca.com.

Consider examples.

For the main domain and in the case of “www”:

URL – http://mydomain.com/.well-known/pki-validation/81F9E13A1855BF221DA717A341F153B3.txt

File contents:

3d874ab7bacd5f2e3a9e1f2b3a3cc1631ae0cbd19f4da5aa1ab5bcca1aedf64

comodoca.com

For a third-level domain – subdomain0.mydomain.com:

URL – http://subdomain0.mydomain.com/.well-known/pki-validation/09F7E02F1975BF211DA707A341F153B3.txt

File contents:

3d874ab7b199418a90142583690481639eb1f1472f4da5aa1ab5bcca1b0df53

comodoca.com
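
The DNS and HTTP rules above can be checked before the order is submitted. The following is an added example, not code from the certification authority or from this page: it builds the CNAME line and the validation file from the two hash values you receive, and reports why a fetched file would fail. The function names and the sample hash values are assumptions constructed for illustration.

```python
import re

CA_NAME = "comodoca.com"  # CA name as it appears in the page's records and files

def _normalize(domain, request_hash, sha256_hex):
    """Validate inputs; map a 'www.' name to the main domain it is checked on."""
    if not re.fullmatch(r"[0-9a-fA-F]{32}", request_hash):
        raise ValueError("request hash must be 32 hex characters")
    if not re.fullmatch(r"[0-9a-fA-F]{64}", sha256_hex):
        raise ValueError("SHA-256 hash must be 64 hex characters")
    name = domain.strip().rstrip(".").lower()
    if name.startswith("www."):
        name = name[4:]
    return name, request_hash, sha256_hex.lower()

def cname_record(domain, request_hash, sha256_hex):
    """Zone-file line for the DNS method: fully qualified, SHA-256 split 32/32."""
    name, rh, sha = _normalize(domain, request_hash, sha256_hex)
    return f"_{rh.lower()}.{name}. CNAME {sha[:32]}.{sha[32:]}.{CA_NAME}."

def http_file(domain, request_hash, sha256_hex):
    """(URL, body) for the HTTP method: upper-case name, no underscore, 2 lines."""
    name, rh, sha = _normalize(domain, request_hash, sha256_hex)
    url = f"http://{name}/.well-known/pki-validation/{rh.upper()}.txt"
    return url, f"{sha}\n{CA_NAME}\n"

def check_response(status, body, sha256_hex):
    """Return the reasons a fetched validation file would fail (empty = OK)."""
    if 300 <= status < 400:
        return ["redirect returned; validation fails if redirects are used"]
    if status != 200:
        return [f"HTTP {status}; check every directory in the path exists"]
    lines = [ln.strip() for ln in body.splitlines() if ln.strip()]
    problems = []
    if len(lines) != 2:
        problems.append(f"expected 2 lines, found {len(lines)}")
    if not lines or lines[0].lower() != sha256_hex.lower():
        problems.append("first line is not the undivided SHA-256 hash")
    if len(lines) < 2 or lines[1] != CA_NAME:
        problems.append(f"second line must be exactly '{CA_NAME}' (no final dot)")
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from a real CSR.
    rh, sha = "0123456789abcdef" * 2, "a" * 32 + "b" * 32
    print(cname_record("www.example.com", rh, sha))
    url, body = http_file("www.example.com", rh, sha)
    print(url, body, sep="\n")
    print(check_response(200, f"{sha[:32]}.{sha[32:]}\n{CA_NAME}.\n", sha))
```

The last call reuses the DNS-style dotted hash and a trailing dot in the file body, the two mistakes the list above warns about, so it returns two problems.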

Organization validation (OV – Organization validation)

To conduct an OV, three steps must be followed.

Stage 1.

Perform Domain Validation (DV). The methods are described above.

Stage 2.

Direct validation of the organization. Several ways:

  • The certification center independently checks the existence of the organization through the state registers of organizations;
  • Open data registries, such as Companies House GOV.UK, Lursoft.lv, Dun & Bradstreet, Hoovers;
  • The address of the organization must be confirmed by one of the following documents:
    • charter of the organization (with address);
    • government-issued business license (with address);
    • a copy of the bank account statement of the organization for the last 6 months (you can specify the account number);
    • a copy of the telephone bill of the organization for the last 6 months;
    • A copy of the organization’s utility bill for the last 6 months or the organization’s current lease.
  • Notarized letter (Legal Opinion Letter).

Stage 3.

Certification authority employees (often a robot) call to confirm the authenticity of the certificate request, as well as to complete the validation process.

The certificate will be signed and issued upon successful completion of all steps.

Extended validation (EV – Extended validation).

Stage 1

Fill out the certification authority forms. Special forms will be provided to you.

Stage 2

Validation of the organization. The process is described above.

Stage 3

Domain validation. The process is described at the very beginning.

Stage 4

As with OV, the CA staff calls to verify the authenticity of the certificate request and complete the validation process.

The certificate will be signed and issued upon successful completion of all steps.
