Sectigo
Comodo
Certum
Thawte
RapidSSL
Web Inspector
GeoTrust
Symantec
Issuing Criteria of Domain Validated SSL Certificates (DV SSL)
Domain validated ssl certificates are similar to any other type of ssl certificates except the level of certification as it certify owners control over domain (DNS) or Hosting hence the name is Domain Validated certificate (DV Certificate). It does not certify the identity of domain owner (Organisation Validated) and their business (Extended validation).
Examining the other aspects of a domain validated ssl certificates except the validation level reveal that they are mostly or exactly similar to organisation validated and extended validation certificates or their variants. For example Comodo PositiveSSL Certificate and Comodo PositiveSSL with Green Bar are technically same certificates except the validation level and some other differences like Warranty, Issuance time etc are also due to extended validation. So other technical aspects of transport layer security (TLS) like encryption level and browser support of the ssl might be exactly similar.
Domain validated ssl certificates (DV SSL) can be issued without any paperwork or documentation from user side and minimum human intervention only for proving control over domain or hosting of domain.
Process of domain validation
When you order a Domain validated ssl certificates (DV SSL), the order processed just after the payment is confirmed and within few minutes you receive a confirmation email as well as a Invitation link which lead you to certificate generation and validation page. Here at certificate validation page you are asked to provide a validation method of your choice. It could be one of the following:
- Validate via email sent to the email contact in the domain's whois details
- Validate via email sent to established administrative contact in the domain, like (admin@, postmaster@, etc.)
- Validate by publishing/ adding a DNS TXT record in domain's DNS record file.
- Validate by publishing a nonce/ number/ file/ text/ code provided by an automated certificate issuing system
Any of the above method can be selected for validation purpose depending upon ease and access of administrator over domain over domain. Most of the time administrator have no access to DNS file and the email addresses like admin@....com, in such cases it is easy to publish a number or a file. A file provided by issuing authority need to be uploaded in http directory of your hosting account, on cpanel it is generally ........ directory in your hosting account.
Validation via email is super easy, during the selection of validation method, just select the 'Admin Email' and choose the email address admin@........com
If administrator have access to domain DNS file, can add a DNS TXT record as per instructions issued during validation process, to verify the domain control.
Another option is to create or upload a file (Via FTP) to your hosting root i.e. http directory where your index.html or index.php etc file exists. This file can be downloaded from the certificate website during the process of validation. After uploading the file you can validate via validation page by clicking the button "Validate Now".
4 comments
I am issuing a certificate.... Can I use my email address which I am using on Gmail and yahoo?
thanks
no you can not use emails made on third party websites like gmail, yahoo, yandex mail or any other such service. It is good to make a email admin@yourdomain.com and use it for validation.
Can I use the email address listed in the Whois to complete Domain Control Verification (DCV)?
Yes, you can do this for DV, OV, and EV certificates.