Validate domains

Before you begin

You successfully created a DV certificate signing request (CSR). CPS sends it to Let's Encrypt for signing. Before signing the certificate, Let's Encrypt must validate that you control each domain listed on the certificate. There are three ways to validate control over a domain. You only need to complete one of them. You can also choose a different method of validation for each domain. The three ways to validate a domain are:

  • URL Redirect. To prove that you have control, you must configure your web server so that it lists each individual URL for each domain on the certificate to redirect traffic to ‚ÄčAkamai‚Äč. Until you redirect your traffic, The To-Do icon appears in the Submitting to CA column of the landing page. Once CPS detects that the URL redirect is in place, it asks Let's Encrypt to validate the domain. It may take a few hours for Let's Encrypt to automatically validate your domain.

  • HTTP Token. To prove that you have control, you must create an HTML file with a token content and put it in a publicly accessible folder on your web site before the token expires. Configure your web server so that it lists each individual URL for each domain on the certificate to redirect traffic to ‚ÄčAkamai‚Äč. Until you place the token, The To-Do icon appears in the Submitting to CA column of the landing page. Once CPS detects that the token redirect is in place, it asks Let's Encrypt to validate the domain. It may take a few hours for Let's Encrypt to automatically validate your domain.

  • DNS Token. To prove that you have control, you must add a text record to the DNS configuration of your domain. Adding this text record does not change your web site in any way. Check with your DNS service provider for instructions on how to add the text record. Using a text record allows CPS to automatically renew the certificate for the domain for as long as the text record exists. You can stop the automatic renewal by removing the text record from your domain.

How to

  1. If there is a To-Do icon next to and DV SAN certificate on the CPS main page, click the To-Do icon and select Validate Control Over Domain(s) from the status message.

    The Validate Control Over Domain(s) screen appears with all the domains listed on your DV certificates and the status of each domain.

  2. If any of the domains have the status Awaiting User, CPS does not detect you used one of the methods listed above to validate your domain.

    Follow the directions that appear on the screen after you select the validation method.

  3. Click Check Status Now to update the status of that domain validation.

    If you want to edit the deployment settings for this certificate see View and edit network deployment settings.

Next steps

If your certificate does not deploy within a few hours, see View validation instructions.


Did this page help you?