How can I complete the domain control validation (DCV) for my SSL certificate?

Email validation

The common way to prove your domain name ownership is to receive an email from the Certification Authority and approve the SSL issuance for your domain.

Due to regulations of CA/B Forum, the email can be sent either to an email from the domain’s whois or to one of the following domain-based emails:

  • admin@
  • administrator@
  • postmaster@
  • webmaster@
  • hostmaster@

When the activation is complete, you will receive the email from the Certification Authority to the selected email address.

HTTP-based Validation

This type of validation can be done by uploading a text file into a particular directory of your website (<DOCUMENT_ROOT>/.well-known/pki-validation/).

In order to find the validation file, you need to perform the following steps:

1. Complete the activation of your certificate.

2. Go to Purchased certs.

3. Click on Details.

4. Click the DCV File button.

When the file is downloaded, it is necessary to place it into the following location: <DOCUMENT_ROOT>/.well-known/pki-validation/. In order to validate your certificate, the file content should be shown via the following URL:

http://yourdomain.tld/.well-known/pki-validation/filename.txt

The ‘.well-known’ folder needs to be created inside of the Document root directory, then create a folder named ‘pki-validation’ inside of the ‘.well-known’ one and put the validation file into the ‘pki-validation’ folder.

Please make sure that the file is publicly accessible.

Note! When you validate a subdomain:

If you have a single-domain or a Wildcard certificate, the subdomain can be validated both via http://yourdomain.tld/.well-known/pki-validation/filename.txt or via http://sub.yourdomain.tld/.well-known/pki-validation/filename.txt.


If you have a multi-domain certificate, the subdomain must be validated by making the file accessible via http://sub.yourdomain.tld/.well-known/pki-validation/filename.txt.


If you have activated the certificate for www.yourdomain.tld, the subdomain must be available via http://yourdomain.tld/.well-known/pki-validation/filename.txt.

The content of the file must not be changed.

If https:// is enabled on your server and the validation file is accessible via https://. In order to update the validation method and speed the process up, contact Support by submitting a ticket here or via a Live Chat by clicking on the blue bubble icon in the lower right corner of this page.

DNS-based validation

If you cannot complete email or HTTP-based validation, you may consider DNS-based validation.

You can update the DCV method at Comodo Order Status panel. Alternatively, you can contact Support Team via ticket or start a Live Chat by clicking on a blue bubble button at the bottom of the page.

The main action you need to perform is to create a CNAME record in the DNS settings of your domain.

The validation via HTTP or DNS may take up to 1 hour. If it takes more time, it is necessary to check whether the file is accessible publicly or the record is still being propagated. 

Feel free to contact our Support Team if you have questions or need help.