Other Domain Control Validation Options

In this article we explain alternative DCV (Domain Control Validation) options.
There are 3 different types of DCV:
  • HTTP(S)-based DCV (File-Based Authentication)
  • DNS CNAME-based
HTTP-based DCV (File-Based Authentication) - Preferred Method
This method of domain control validation is the preferred method for a site that is already live and is accessible via HTTP.
  1. While creating your SSL certificate you will be given the option for a different type of authentication method
    1. Select HTTP from the dropdown

    2. Select Click to Continue
    3. You will be presented with the following information:
      For File Based Authentication, Please create a folder structure "/.well-known/pki-validation/" under root directory and create file using following details or download the Authentication file by clicking the "Download Auth File" button and place it in the "/.well-known/pki-validation/" of the HTTP server, like so: http://<insert domain name here>/.well-known/pki-validation/<insert CSR hash here>.txt. 
      It may take some time for file to be automatically validated and cert to be issued by Certificate Authority
    4. Make sure that the folders/files are created with the information provided in the previous step, if this is done incorrectly your domain will not be validated. The simplest way of completing this is to FTP and create the directories and upload the Authfile by selecting the Download Authfile button

    5. Select Back to Client Area

Please Note: If you have any redirects or rewrite rules this method will fail for DCV, if you need assistance with this please contact our support team to help with this
The CSR generated from Plesk will be submitted to Comodo hashed. Create a TXT record as follows based on your information from your Control Panel:

If you are unsure or lose the information from the SSL product details you can do the following to pull the hash value:
In order to proceed with the steps below you will need to decode your CSR showing the hash values
  1. Go to https://secure.comodo.com/utilities/decodeCSR.html
  2. Enter your CSR
  3. Check the box Show CSR Hashes
  4. Select Decode
  5. Copy & Paste the MD5 hash
For email-based authentication you can use the following KB for an understanding of how email-based authentication works:

SSL Approver Email Address What's This All About
Additionally, you can follow the steps in the provided screenshot below:


Add Feedback