07.06.2023

Validation types used when obtaining SSL certificates

Domain Validation (DV)

All certificates should be subject to a domain validation process used to confirm domain name ownership rights.

Three validation methods are available:

Validation via email

You will get an email to admin mailbox of your domain with a unique confirmation code and link. Follow the link and input this unique code to pass the validation.

Permissible email addresses:

The following domain validation methods are only available for Comodo certificates.

Validation via DNS record

Your CSR will be hashed. You will be provided with hash values. Then, input a DNS CNAME record of your domain.

CNAME record format will look as follows:

_<value of MD5 hash of CSR>.<your domain>. CNAME <value of SHA-256 hash of CSR>.[<uniqueValue>.]comodoca.com.

Notes:

_09f7e02f1290be211da707a266f153b3.subdomain1.yourdomain.com. CNAME 3d874ab7b199418a9753111648448163.9eb1f2608f4da5aa3560154ca1b0df53.comodoca.com. _9e107d9d372bb6826bd81d3542a419d6.subdomain2.yourdomain.com. CNAME 899826c9c46f25fc70ed08b5811dbb2b.ddf3e6b932e44c6a6a9dc5285057e9db.comodoca.com.

Validation via a HTTP(S)

Your CSR will be hashed. You will be provided with hash values. Then, create a text file and save it to a root directory of your website.

The file and its content should be as follows:

1. File URL:
http://<your domain>/.well-known/pki-validation/<Value of MD5 hash in upper case>.txt

2. Content:
<Value of SHA-256 hash>
comodoca.com

Notes:

Examples:

File name subdomain1.yourdomain.com/.well-known/pki-validation/09F7E02F1290BE211DA707A266F153B3.txt 770423513bd0765c18e500000baec91976bcd8267a245437b32572665c6ac370 comodoca.com

subdomain2.yourdomain.com/.well-known/pki-validation/9E107D9D372BB6826BD81D3542A419D6.txt 87428fc522803d31065e7bce3cf03fe475096631e5e07bbd7a0fde60c4cf25c7 comodoca.com

Screenshot 1. Validation via a HTTP(S)

Organization Validation (OV)

Step 1. Domain validation

The domain validation process is described in the previous paragraph.

Step 2. Organization validation

Can be performed as follows:

Step 3. Callback

Certification center employee (or, more frequently, a robot) calls you to confirm certificate request originality and complete validation process.

After all steps are successfully completed, the certificate is signed and issued.

Extended Validation (EV)

Step 1. Filling in certification center forms

The center sends you special forms to be filled in.

Step 2. Organization validation

The organization validation process is described in OV paragraph.

Step 3. Domain validation

The domain validation process is described in DV paragraph.

Step 4. Callback

Certification center employee calls you to confirm certificate request originality and complete validation process.

After all steps are successfully completed, the certificate is signed and issued.