What is the DCV process?

The Domain Control Validation process (DCV) allows Comodo to verify that you have control over a domain for which you are requesting a certificate. This prevents anyone but you from gaining access to your domain's security settings and taking control over your site.

How does DreamHost validate Domain Control for Comodo certificates?

DCV can be verified by using one of the following three methods (DNS, HTTP/HTTPS, or email):

DNS

By placing a record on the nameservers: DreamHost places a CNAME record in your zone file with hashed information that Comodo can find, and then validates that you have control over the domain. After it completes, the CNAME record is removed.

HTTP/HTTPS

By placing a publicly-accessible file on your domain: DreamHost places a file with a hashed version of your Certificate Signing Request (CSR) under your domain where it is accessible by Comodo. Once the domain is verified to be under your control, the file is removed.

Email

By sending an email: Comodo sends an email to one of a short list of common administrative email addresses associated with a domain (admin@, webmaster@, and so on). DreamHost prompts you to select an email address at the bottom of the contact information form in the panel:

Make sure the email address you select exists and is able to receive email before you select it. If needed, you can create one through the panel. Selecting a confirmation address from the drop-down list does not mean it exists, nor does DreamHost or Comodo create it for you.

2018-10_panel_ssl_renew_comodo_cert_confirm_address.fw.png

Comodo then sends an email to either the address you selected above or one of the email addresses listed on the public WHOIS system:

2018-07_panel_ssl_renew_comodo_cert_04.png

Click the link within the email and enter the validation code, which then validates your control of the domain.

Which method is used?

When you order a Comodo Domain Validated (DV) certificate, DreamHost attempts to validate in the order shown above (DNS, HTTP/HTTPS, and then email). The first two methods are preferable (DNS and HTTP/HTTPS) since DreamHost can automate them on your behalf with as little inconvenience to you as possible.

If the first two methods do not complete, DreamHost will then use the email method if the first attempt at validation fails or you don’t host the domain at DreamHost.

How long does it take to get my certificate?

Validating automatically through the DNS or HTTP/HTTPS method is usually accomplished within 24 hours. If the certificate is not obtained shortly after 24 full hours, DreamHost will then use the email method. DreamHost will attempt to validate by sending you an email, using the address you selected as the DCV email address described above.

See also

Did this article answer your questions?

Article last updated PST.