For every domain you set up as a property hostname, you need to prove ownership to ​Akamai​.

Hostname validation strengthens security and prevents unauthorized use of hostnames on the ​Akamai​ network. This keeps your domains safe and prevents other customers from using your domain to serve traffic over ​Akamai​ edge network.

Domain validation is initially optional at launch to give you time to familiarize yourself with the process. However, in alignment with industry best practices, it will be progressively enforced over the next several months. Domain validation will become mandatory for all newly onboarded domains. New customers will be automatically enrolled in the enforced mode, while existing customers will transition gradually.

📘

Another way to validate the domains you set up as property hostnames is through the Domain Ownership Manager (DOM) application. DOM is independent from Property Manager and allows you to pre-emptively complete the validation process. This saves you time, because later, you don’t have to wait for validation completion in Property Manager, before you can activate the version.

Validation overview

In Property Manager, the validation process starts when you add a new property hostname. The UI shows all the information you need to complete the validation and you can proceed to update your DNS or HTTP server, depending on your preferred validation method. You need to complete the validation before activating the version. While this check won't be enforced for all customers at launch, domain validation will eventually become mandatory, and failure to complete it will result in blocked activations.

Once the domain validation is completed, it doesn’t expire and you don’t need to revalidate it.

View validation challenges

When you add or edit a hostname in Property Manager, the Domain and Certificate Security step shows all the information you need to complete the validation for all available methods. Here you can also check the validation status.

To view the validation details of already added hostnames:

1. Go to the Property Manager Editor.
2. In the Property Hostnames section, click Actions.
3. Click Prove ownership.

You can see the validation challenges for all available methods.

Validation methods

There are three methods you can use to prove domain ownership to ​Akamai​.

DNS CNAME

In this method, ​Akamai​ generates a CNAME record that you copy to your DNS to automatically handle domain validation challenges and certificate renewal. The DNS CNAME method is recommended in most cases.

📘

If you’re using a default certificate, you need to update your DNS only once and it will both validate your certificate and prove domain ownership to ​Akamai​.

Use this method when:

• You have direct control over your DNS records.
• You want to validate an exact host or a wildcard domain.
• You are using a default certificate, which lets you use a DNS CNAME record for both the certificate and domain validation.

Don't use this method when:

• You don’t have control over your DNS records.
• You are using multiple CDNs.
• You are not using a default certificate.

How to:

1. Add a hostname to your property version.
2. At the Domain and Certificate Security step, select DNS CNAME. See how to view validation challenges of already added hostnames.
3. Copy or download the validation challenges. Expand the hostname row to view all the details.
4. In your DNS configuration:
   • Add a CNAME record: _acme-challenge.domainName. For a domain called example.com, the record should be _acme-challenge.example.com.
   • Paste the DNS CNAME you copied from the Property Manage UI as the target.

DNS TXT

In this method, ​Akamai​​ provides a challenge token that you use to set up a TXT record in your DNS configuration.

Use this method when:

• You have direct control over your DNS records.
• You want to validate an exact host, a wildcard, or a top-level domain.
• You are using multiple CDNs and want to manage domain validation through multiple TXT records in your DNS.

Don’t use this method when:

• You don’t have control over your DNS records.
• You don’t want to manually obtain a TXT token and add it to your DNS records for domain validation.

How to:

1. Add a hostname to your property version.
2. At the Domain and Certificate Security step, select TXT. See how to view validation challenges of already added hostnames.
3. Copy or download the validation challenges. Expand the hostname row to view all the details.
4. In your DNS configuration:
   • Add a TXT record. Example: akamai-domain-challenge.example.com.
   • Add the challenge token you copied from the Property Manager UI. The format can be either “token=1234….5678” or “1234….5678”.

HTTP

In this method, you create a file containing a token and save it on your origin server at the provided URL. This method is available for hosts (single hostnames).

Use this method when:

• You don’t have access to a DNS zone.
• You’re using multiple CDNs. In this Multi-CDN scenario, you need to manage domain validation through files on the origin server.

Don’t use this method when:

• You want to validate a wildcard domain.
• You don’t want to manually obtain the new challenge tokens from ​​Akamai​ and add them to a file on your origin server.

How to:

1. Add a hostname to your property version.
2. At the Domain and Certificate Security step, select HTTP. See how to view validation challenges of already added hostnames.
3. Copy or download the validation challenges. Expand the hostname row to view all the details.
4. Create a file with the challenge token and place the file on your HTTP server, in the location given as the URL in the Property Manager UI.

   cd <web-server-www-root>  
   mkdirs /.well-known/akamai/akamai-challenge  
   echo -n "your-verification-token" > /web-server/.well-known/akamai/akamai-challenge/<challenge-path-token>
   

See also

• Prove domain ownership to ​Akamai​ in Domain Ownership Manager.
• Use PAPI to generate validation challenges to prove domain ownership to ​Akamai​.
• Get answers to frequently asked questions.