Pre-requirements
- Access to cPanel or WHM, depending on your hosting provider.
- Ability to modify DNS records if using the DNS DCV method.
- Familiarity with the domain's file structure to locate the .well-known directory (for HTTP DCV).
Introduction
Domain Control Validation (DCV) is a process used to verify that you control the domain for which an SSL certificate is being requested. AutoSSL uses two DCV methods: HTTP and DNS. Either of these methods can be used to validate your domain and issue the SSL certificate. This guide explains how both methods work and the steps needed for each.
Methods for Domain Control Validation (DCV)
| DCV Method | Description | Linux Command | Windows Command |
|---|---|---|---|
| 1. HTTP DCV Method | The HTTP method verifies the domain by checking a text file in the .well-known directory. The file content is compared to an MD5 hash of the CSR. |
|
Same as Linux |
| 2. DNS DCV Method | The DNS method verifies the domain by adding a DNS record. Let's Encrypt uses a TXT record, while Sectigo uses a CNAME record. |
|
Same as Linux |
Steps to Perform HTTP DCV for AutoSSL
| Step | Description | Linux Command | Windows Command |
|---|---|---|---|
| 1. Locate the .well-known Directory | Navigate to the domain's public_html directory to find the .well-known folder. |
|
|
| 2. Verify the Text File | Ensure the correct validation file is present in the pki-validation or acme-challenge folder, depending on the provider. |
|
|
| 3. Test the HTTP DCV | Open a web browser and navigate to http://example.com/.well-known/pki-validation/validationfile.txt to verify access. |
No specific command. Perform this in a web browser. | |
Steps to Perform DNS DCV for AutoSSL
| Step | Description | Linux Command | Windows Command |
|---|---|---|---|
| 1. Add DNS Record | Log in to your DNS provider and add the required TXT or CNAME record for your domain. Ensure the record matches the details provided in cPanel or WHM. | No specific command. Perform this through the DNS provider's dashboard. | |
| 2. Verify DNS Record Propagation | After adding the record, use the following command to ensure it has propagated across the internet. |
|
|
| 3. Check DCV Status in cPanel/WHM | Once the DNS record is validated, the SSL certificate should be issued. You can check the DCV status in cPanel or WHM. | No specific command. Perform this via the cPanel/WHM interface. | |
Gotchas to Avoid
- Incorrect DNS Settings: If your domain's DNS is hosted outside cPanel/WHM, the DNS DCV method will fail because the server cannot modify external DNS records.
- HTTP DCV File Not Accessible: Ensure the validation file is correctly placed in the
.well-knowndirectory and that the directory is publicly accessible. - DNS Propagation Delays: DNS changes can take time to propagate. Use DNS checking tools to confirm successful updates before reattempting validation.
Domain Control Validation (DCV) ensures that SSL certificates are issued only to domain owners. Using HTTP or DNS methods, you can validate your domain for AutoSSL certificates. Be mindful of DNS hosting locations, directory access for HTTP validation, and propagation times when using DNS validation. For further help, contact support or refer to your cPanel/WHM documentation.
For more tutorials and domain management tips, visit our Knowledge Base.
