Demonstrate control over your domain with a DNS TXT Record

Follow these instructions to check the status of your SSL certificate order and use the DNS TXT Record DCV method to demonstrate control over a domain on the order.

Note: Submitting domains for validation during the order process means certificates will not be issued until domain validation is completed. For immediate certificate issuance, submit domains for pre-validation when possible. See Domain Pre-Validation: Use the DNS TXT DCV Method.

This validation method allows you to demonstrate control over your domain by creating a DNS TXT record containing a randomly generated token as the value. Once the DNS TXT record is created, DigiCert searches the domain's DNS records to confirm the presence of your verification token.

For information about other supported domain validation DCV methods for pending orders in CertCentral, see Domain Validation (Pending Order): Domain Control Validation (DCV) Methods.

Step 1: Check the Status of Your Pending Order

After you've ordered an SSL certificate, you can visit the certificate's Order # details page to see its validation status. You can also see if the order is waiting on domain or organization validation to be completed before it can be issued.

  1. In your CertCentral account, in the sidebar menu, click Certificates > Orders.

    CertCentral Orders

  2. On the Orders page, use the filters and advanced search features to locate the pending certificate order you want to view.

    CertCentral Orders

  3. In the Order # column of the certificate order, click the order number link.

  4. On the Order # details page, under Validation in Progress, you can check the order's validation status (e.g., is the order waiting on domain or organization validation to be completed?).

    Note: After validation is completed (domains and organization), the Validation in Progress section no longer appears on the Order # details page.

    CertCentral Orders

Step II: Use DNS TXT Record to Demonstrate Control Over the Domain

  1. On the Order # details page, in the Validation in Progresssection, under You Need To, locate the domain pending validation and click the domain link.

    Note: When you have multiple domains (SANs) on your order, each one will be listed. Those with a checkmark next to them are validated. Those with a clock icon next to them are pending validation.

    CertCentral Orders

  2. In the Prove Control Over Domain window, in the DCV Method drop-down list, select DNS TXT Record.

    CertCentral Orders

  3. Create the DNS TXT Record:

    1. In the Token, copy your verification token.

      To copy the value to your clipboard, single click in the text field.

      Note: The unique verification token expires after thirty days. To generate a new token, click the Generate a New Token link.

    2. Go to your DNS provider's site and create a new TXT record.

    3. In the TXT Value field, paste the unique token that you copied from your DigiCert account.

    4. Host field

      • Base Domain

        If you are validating the base domain, leave the Host field blank, or use the @ symbol (depending on your DNS provider requirements).

      • Subdomain

        In the Host field, enter the subdomain that you are validating.

    5. In the record type field (or equivalent), select TXT.

    6. Select a Time-to-Live (TTL) value or use your DNS provider's default value.

    7. Save the record.

  4. Verify the DNS TXT Record:

    1. In your CertCentral account, in the sidebar menu, click Certificates > Orders.

    2. On the Orders page, in the Order # column of the certificate order, click the order number link.

    3. On the Order # details page, in the Validation in Progresssection, under You Need To, locate the domain and click the domain link.

    4. In the Prove Control Over Domain window, under 2. Check for Token, click Check.