This document describes how to verify your ownership of a domain name after you apply for a DV certificate.
- Complete verification as soon as possible. The CA will reject your certificate application if you fail to complete or pass verification within 3 days.
- After passing verification, download the certificate from Certificate Management and install it.
Domain name ownership can be verified by using the following methods:
|Verification Method||Use Case|
|Manual DNS verification||This method is for domain names that are hosted with any platform.|
|File verification||This method is for scenarios where there are limitations in using automatic DNS validation and manual DNS validation.
(The process is complicated and requires a certain foundation for creating a site.)
The following operations apply only to domains hosted with Tencent Cloud DNSPod DNS. For domains hosted with other providers, please go to the corresponding DNS hosting provider for DNS resolution.
Log in to the SSL Certificates Service console.
On the Certificate List page, click the ID of the DV certificate of which you want to view the details to enter the Certificate Details page, as shown in the following figure.
Add the DNS record.
If your domain (for example,
www.tencent.com) is hosted with Tencent Cloud DNSPod DNS:
If your domain is hosted with other providers, go to the Certificate Details page to obtain the host record and record value, and then go to the corresponding DNS hosting provider to add a DNS record.
After the record is added, the system periodically checks for the record value. If the record value is detected and matches the specified value, the domain ownership verification will be completed, as shown in the following figure:
DNS usually takes effect within 10 minutes to 24 hours. The actual time depends on the ISP refresh time.
If your domain is hosted with Tencent Cloud DNSPod DN, point the domain name to your server.
The website root directory refers to the folder where you store the website programs on the server. Its name may be
Use the filename and file content displayed on the Certificate Details page after the domain ownership is verified.
C:/inetpub/wwwroot. You can create a file as shown in the following table in the
|File Directory||File Name||File Content|
.well-knownfolder, open a command prompt window and execute the command
mkdir .well-knownto create it. See the following figure.
http://Domain name/File directory/File name or
https://Domain name/File directory/File name
Access the URL to obtain the file content, for example,
example.tencent.com, access the URL
For second-level domains prefixed with
www, for example,
www.tencent.com, perform the following 2 steps:
- First, perform file verification for the second-level domain name.
- Second, perform file verification for the primary domain name
tencent.com(you do not need to reapply for a certificate). Verify the domain name according to the method specified in URL format and ensure that the file content is consistent.
*.tencent.com, access the URL
- Both HTTP and HTTPS are supported, and either can be accessed.
- File verification does not support any redirect. Instead, it directly returns status code 200 and file content.
If any problems occur during this process, please contact us.