Domain Validated (DV) SSL certificates are the most basic of the three types of SSL/TLS certificates. While Organization Validated (OV) and Extended Validated (EV) require multiple steps in which the Certificate Authority the company or organization applying for the certificate, Domain Validation is just a single step. The Certificate Authority must simply verify that the person or organization applying for the certificate owns the registered domain.
What is Domain Validation?
To satisfy the Domain Validation requirement you must prove you own the domain that was submitted with the order.
The easiest, and most preferred method for accomplishing this is via email-based authentication. During email-based authentication, the CA will send an email to the WHOIS registrar email address asking them to verify that they did indeed register for a certificate. Once you respond to that email in the affirmative, the requirement is considered satisfied and the certificate is issued. This can be done in just minutes.
The CA can also send the authentication email to one of five pre-approved email addresses associated with the website. The five pre-approved addresses are:
email@example.com firstname.lastname@example.org email@example.com firstname.lastname@example.org email@example.com
There are two other alternative methods when you cannot meet Domain Verification requirement via e-mail. These alternative methods include:
- File-Based Authentication; The CA will provide you with a text file that you will need to upload to the root directory of your website.
- CNAME-Based Authentication; A unique hash value is provided to you by CA. You must enter these values as TXT recordings from your DNS Manager.
In both steps, CA check whether they are valid and automatically confirms verification. After verification, if you want, you can delete this file / TXT record.
You can start by reviewing our DV SSL Certificates. :)