The first time a domain name is added to Alibaba Cloud Content Delivery Network (CDN), Alibaba Cloud CDN verifies the ownership of the domain name. This ensures that the domain name is added by its owner. If a domain name that belongs to User A is added to Alibaba Cloud CDN by User B, security issues may arise. When you add the domain name to Alibaba Cloud CDN again, or add the subdomains of the domain name, ownership verification is not required.

Verification methods

Log on to the Alibaba Cloud CDN console and navigate to the Add Domain Name page. Set the parameters and click Next. You are redirected to the verification page, as shown in the following figure. You can prove the ownership by adding a DNS record or uploading a verification file. Choose one of the methods based on your business requirements. A domain name is added to Alibaba Cloud CDN only after the domain name passes ownership verification. Add a DNS record to prove the ownership

Method 1: Add a DNS record to prove the ownership (recommended)

In the following examples, a.com is used to demonstrate how to prove the ownership of a domain name. If your domain names have already passed ownership verification, skip this topic.

  1. On the verification page, click the Method 1: DNS Settings tab.
    The system automatically recognizes the record type, host, and record value. Do not close the verification page before the verification process is completed.
    Note If you want to add the domain name to Alibaba Cloud CDN by calling the AddCdnDomain or BatchAddCdnDomain operation, you must first call the BatchAddCdnDomain operation to query the record value and add a TXT record for the domain name. Then, you can call the AddCdnDomain or BatchAddCdnDomain operation to add the domain name to Alibaba Cloud CDN.
    Add a DNS record to prove the ownership
  2. In the system of your DNS service provider, add a TXT record for the domain name.
    In this example, Alibaba Cloud DNS is used to show how to add a TXT record. Other DNS service providers such as Tencent Cloud and Xinnet adopt similar methods.
    1. Log on to the Alibaba Cloud DNS console.
    2. On the Manage DNS page, find the a.com domain name and click Configure in the Actions column.
    3. Click Add Record and enter the record type, host, and record value obtained in Step 1.
  3. After the TXT record takes effect, go to the Alibaba Cloud CDN console. Click Verify to complete the verification process.
    If the system prompts that the domain name fails the verification, check whether the TXT record is correct. Wait for the TXT record to take effect and try again.

Method 2: Upload a verification file to prove the ownership

In the following examples, a.com is used to demonstrate how to prove the ownership of a domain name. If your domain names have already passed ownership verification, skip this topic.

  1. On the verification page, click the Method 2: Verification File tab.
    Do not close the verification page before the verification process is completed. Upload a verification file to prove the ownership
  2. Click verification.html to download the verification file of the domain name.
    Note The DescribeVerifyContent operation can be used to generate strings that must be included in the verification file. If you want to call the AddCdnDomain or BatchAddCdnDomain operation to add the domain name to Alibaba Cloud CDN, you must first call the DescribeVerifyContent operation to generate strings. Then, create a verification.html file that contains the strings and upload the file to origin server.
  3. Upload the verification file to the root directory on the origin server of the domain name. The origin server can be an Elastic Compute Service (ECS) instance, an Object Storage Service (OSS) bucket, a Cloud Virtual Machine (CVM) instance, a Container-Optimized OS (COS) instance, or an Elastic Compute Cloud (EC2) instance.

    After you upload the verification file, Alibaba Cloud CDN visits the origin server at http://a.com/verification.html to obtain the verification file. Then, Alibaba Cloud CDN determines whether you have uploaded the verification file as required. Make sure that the verification file is accessible.

  4. Click Verify to complete the verification process.

Related API operations

FAQ

The following issues may arise the first time a domain name is added to Alibaba Cloud CDN:
  • Q: Why does Alibaba Cloud CDN verify the ownership of domain names?

    A: Ownership verification ensures that domain names are added to Alibaba Cloud CDN only by their owners. If a domain name that belongs to User A is added to Alibaba Cloud CDN by User B, security issues may arise.

  • Q: If I have multiple Alibaba Cloud accounts and this is the first a domain name is added to Alibaba Cloud, does Alibaba Cloud CDN verify the ownership of the domain name for each account?

    A: Yes. Each Alibaba Cloud account is identified as an independent user. The first time a domain name is added to Alibaba Cloud CDN, Alibaba Cloud CDN verifies the ownership of the domain name for each account (user).

  • Q: After a domain name passes ownership verification after I add a DNS record or upload a verification file, can I delete the record or file?

    A: Yes. The required DNS record or file is used for only ownership verification. After the domain name passes the verification, you can delete the record or file.

  • Q: Do I need to prove the ownership of a domain name that has already been added to Alibaba Cloud CDN?

    A: No. For example, you have added the domain name b.a.com to Alibaba Cloud CDN and the Canonical Name (CNAME) that is assigned to the domain name works as expected. In this case, you are deemed to own the domain name a.com. When you add subdomains of a.com, such as xx.a.com or xxx.a.com, Alibaba Cloud CDN does not verify the ownership of the subdomains.

  • Q: If I call the AddDomain operation to add a domain name to Alibaba Cloud CDN, do I need to prove the ownership of the domain name?

    A: Yes. You must first add a DNS record or upload a verification file to the root directory of the origin server of the domain name that you want to add. Then, call the AddDomain operation to add the domain name to Alibaba Cloud CDN.

  • Q: What can I do if I cannot prove the ownership of my domain name by adding a DNS record or uploading a verification file to the origin server?

    A: To resolve this issue, you can submit a ticket. In the ticket, provide the reason why you cannot use the given methods to prove the ownership of your domain name and include the information that can identify you as the owner of the domain name. Then, wait for Alibaba Cloud to perform manual verification.