Domain Control Validation
1- eMail-based DCV (Traditional)
You will be sent an email to an administrative contact for your domain.
The email will contain a unique validation code and link
2 - DNS CNAME-based
This method requires you to create a CNAME entry in your domain’s DNS record that is pointed at
comodoca.com. An MD5 hash as well as a SHA-256 hash of the CSR are required for this CNAME entry. The CNAME entry should follow this formula:
_<MD5 hash>.<domain> <TTL> IN CNAME <SHA-256 hash>.comodo.com
Please notice the underscore at the beginning of the entry, which is required.
Additionally, because the SHA-256 hash is 64 characters long, it will need to be split into two 32-character subdomains.
3 - HTTP-based DCV
The CSR you submit to WTS will be hashed. The hash values are provided to you and you must create a simple plain-text file and place this in the root of your webserver and served over HTTP-only!
The file and it's content should be as follows:
http://yourdomain.com/.well-known/pki-validation/<Upper case MD5 hash of CSR>.txt
Content (as a plain text file):
<SHA1 hash of CSR>
comodoca.com
Note: Serving the page over HTTPS or using an HTTP 302 redirect to an HTTPS will cause a failure of verification. Please use HTTP only for this procedure!
Published on and maintained in Cascade.
