How can I complete the domain control validation (DCV) for my SSL certificate?

How can I complete the domain control validation (DCV) for my SSL certificate?

Before a certificate can be issued, the certificate applicant needs to confirm the domain ownership rights. With the implementation of the new Account Panel, you have an opportunity to select one of several methods of domain control validation (DCV) during the certificate activation.

While earlier only email validation was possible, now you have a choice between email, HTTP- and DNS-based validation.


What does each option represent?

  • Email validation. The most ordinary and well-known option to confirm the domain ownership. During the certificate activation, you will need to select the email address to which an approval email will be sent. Due to regulations of Certificate Authorities, it is only possible to use either a domain whois record or one of the following domain-related generic emails to receive an approver email:,,, or . After the enrollment process is completed on our site, you will receive an email from the Certificate Authority to the selected email address
    dcv_02If the whois record is not showing in the list of possible emails, it means that the Certificate Authority failed to retrieve the whois record for your domain (This is a quite common case for domains with such TLDs as .ca, .br, .uk, .au, etc.). In this case, if you want to validate the certificate using the email from whois, you can choose any email from the list for activation. After the activation is completed, please contact our support with a request to resend the approver email to an address from whois. You will also need to provide us with the link to any online web-based whois database that shows the whois email address (administrative, technical or registrant one).To confirm the domain ownership rights for a COMODO certificate, you need to copy the validation code from the approval email, follow the link in it and paste the validation code into the corresponding field.
  • HTTP-based validation. Can be performed by uploading a special text/html file into the root directory of the domain name. The text file can be retrieved after the enrollment process is completed. Right after the order submission, you will be brought to the certificate management page. Click See Detailsnext to the certificate entry awaiting validation in the bottom table (status of this certificate will be In progress).dcv_03On the next page, you will see the details that were used during the certificate activation, information from the CSR code and the CSR code itself. To get the file, click on the arrow next to Edit Methodsbutton and select Download File.dcv_04

    A pop-up window will appear and will prompt you to download the needed file.


    After you download the file, you need to place it to the root directory of the website. As a result, the file should be accessible on the web via the following URL .

    For domain validation certificates, once the file is uploaded and verified by the system, the certificate gets issued and sent to you via email by the Certificate Authority.

    Note! If you are activating a COMODO certificate for a subdomain, you can upload the text into the domain root directory, as well as to the document folder of a subdomain. But if you are activating a COMODO Multi-domain certificate for subdomains, the validation file should be placed into the Document root directory of the corresponding subdomain.

  • DNS-based validation. For this validation method you need to create a certain CNAME record in the DNS settings of your domain. The record will be also available in your account after the order is submitted for activation to the CA. After you click on See Details on the certificate management page, press the arrow next to Edit Methods button and you will see the option Get Recorddcv_06A pop-up window will show the details of the CNAME record that should be set in the Host Records for your domain. Copy the Host and Target values and paste them in the corresponding fields in the account with your DNS provider. Set the minimum possible TTL value.Please keep in mind that if you are activating a Multi-domain certificate, the DNS record should be placed for every domain/subdomain included in the certificate, replacing the domain name in the field ‘Host’ with the corresponding domain/subdomain. Other values remain the same.

    Note! Some of DNS editors add the domain name automatically, so if you paste the whole record to the corresponding box, as a result it may look this way: [hash]
    In this situation it will be necessary to use the digits only without the domain name. If you activate the certificate for a subdomain, you would need to use subdomain only: [hash].sub.
    The domain name will be added automatically and the record will be the following:[hash] or [hash] accordingly.


    Certificate Authorities may need up to 1 hour to find and validate the uploaded file or the CNAME record. If after 60 minutes the certificate is not validated, please make sure that the file is publicly accessible and you do not have any firewall blocking the requests, or that the record is visible. If everything looks correct, please contact our support team, so that we can check the issue with the CA for you.

The validation systems at Certificate Authorities side perform the check of the validation file/record automatically with a certain period of time. If the validation failed, you can double-check if the file/record are correct and accessible and edit them if necessary. Once CA validation system runs the next check, it will reach and validate the file or the record.

Changing DCV methods

If you chose a particular DCV method, submitted the order, but suddenly changed your mind about the way of validation, you can change it in your account for COMODO certificates that are awaiting validation. The option can be found at the certificate management page for a needed SSL.


After clicking on Edit Methods, you can choose between the options suggested during the initial activation: Email, HTTP- and DNS-based validation.

Choose the desired method and perform the required steps to complete the DCV.

Note, if you have a COMODO OV or EV certificates, your order will undergo a business validation. After you complete the DCV, expect the email from COMODO with the further instructions.