The first time a domain name is added to Alibaba Cloud CDN, Alibaba Cloud CDN must verify the ownership of the domain name. This ensures that the domain name is added by its owner. If a domain name that belongs to User A is added to Alibaba Cloud CDN by User B, security issues may arise. If the domain name is added to Alibaba Cloud CDN again, or the subdomains of the domain name are added to Alibaba Cloud CDN, ownership verification is not required.

Verification methods

Log on to the Alibaba Cloud CDN console and navigate to the Add Domain Name page. Set the parameters and click Next. You are redirected to the verification page, as shown in the following figure. You can verify the ownership by adding a DNS record or uploading a verification file. Choose one of the methods based on your business requirements. A domain name is added to Alibaba Cloud CDN only after the domain name passes ownership verification. Add a DNS record to verify the ownership

Methods for verifing the ownership

You can directly add the TXT record to verify the ownership in the console in the two methods below:

Method 1: Use a DNS record to verify the ownership (Recommended)

In the following examples, a.com is used to demonstrate how to verify the ownership of a domain name. If your domain names have already passed ownership verification, skip this topic.

  1. On the verification page, click the Method 1: DNS Settings tab.
    The system automatically recognizes the record type, host, and record value. Do not close the verification page before the verification is completed.
    Note If you want to add the domain name to Alibaba Cloud CDN by calling the AddCdnDomain or BatchAddCdnDomain operation, you must first call the BatchAddCdnDomain operation to query the record value and add a TXT record for the domain name. Then, you can call the AddCdnDomain or BatchAddCdnDomain operation to add the domain name to Alibaba Cloud CDN.
    Add a DNS record to verify the ownership
  2. In the system of your DNS service provider, add a TXT record for the domain name.
    In this example, Alibaba Cloud DNS is used to demonstrate how to add a TXT record. You can use similar methods to add TXT records in the systems of other DNS service providers such as Tencent Cloud and Xinnet.
    1. Log on to the Alibaba Cloud DNS console.
    2. On the Manage DNS page, find the a.com domain name and click Configure in the Actions column.
    3. Click Add Record and enter the record type, host, and record value obtained in Step 1.
  3. After the TXT record takes effect, go to the Alibaba Cloud CDN console. Click Verify to complete the verification process.
    If the system prompts that the domain name fails the verification, check whether the TXT record is correct. Wait for the TXT record to take effect and try again.

Method 2: Upload a verification file to verify the ownership

In the following examples, a.com is used to demonstrate how to verify the ownership of a domain name. If your domain names have already passed ownership verification, skip this topic.

  1. On the verification page, click the Method 2: Verification File tab.
    Do not close the verification page before the verification process is completed. Upload a verification file to verify the ownership
  2. Click verification.html to download the verification file of the domain name.
    Note The DescribeVerifyContent operation can be used to generate strings that must be included in the verification file. If you want to call the AddCdnDomain or BatchAddCdnDomain operation to add the domain name to Alibaba Cloud CDN, you must first call the DescribeVerifyContent operation to generate strings. Then, create a verification.html file that contains the strings and upload the file to the origin server.
  3. Upload the verification file to the root directory on the origin server of the domain name. The origin server can be an Elastic Compute Service (ECS) instance, an Object Storage Service (OSS) bucket, a Cloud Virtual Machine (CVM) instance, a Container-Optimized OS (COS) instance, or an Elastic Compute Cloud (EC2) instance.

    After you upload the verification file, Alibaba Cloud CDN visits the origin server at http://a.com/verification.html to obtain the verification file. Then, Alibaba Cloud CDN determines whether you have uploaded the verification file as required. Make sure that the verification file is accessible.

  4. Click Verify to complete the verification.

Related API operations

FAQ

The following issues may arise the first time a domain name is added to Alibaba Cloud CDN:
  • Q: Why does Alibaba Cloud CDN verify the ownership of domain names?

    A: Ownership verification ensures that domain names are added to Alibaba Cloud CDN only by their owners. If a domain name that belongs to User A is added to Alibaba Cloud CDN by User B, security issues may arise.

  • Q: If I have multiple Alibaba Cloud accounts and this is the first time a domain name is added to Alibaba Cloud, does Alibaba Cloud CDN verify the ownership of the domain name for each account?

    A: Yes. Each Alibaba Cloud account is identified as an independent user. The first time a domain name is added to Alibaba Cloud CDN, Alibaba Cloud CDN verifies the ownership of the domain name for each account (user).

  • Q: If a domain name passes ownership verification after I add a DNS record or upload a verification file, can I delete the record or file?

    A: Yes. The required DNS record or file is used only for ownership verification. After the domain name passes the verification, you can delete the record or file.

  • Q: Do I need to prove the ownership of a domain name that has already been added to Alibaba Cloud CDN?

    A: No. For example, you have added the domain name b.a.com to Alibaba Cloud CDN and the CNAME that is assigned to the domain name works as expected. In this case, you are deemed to own the domain name a.com. When you add subdomains of a.com, such as xx.a.com or xxx.a.com, Alibaba Cloud CDN does not verify the ownership of the subdomains.

  • Q: If I call the AddDomain operation to add a domain name to Alibaba Cloud CDN, do I need to prove the ownership of the domain name?

    A: Yes. You must first add a DNS record or upload a verification file to the root directory of the origin server of the domain name that you want to add. Then, call the AddDomain operation to add the domain name to Alibaba Cloud CDN.

  • Q: What can I do if I cannot prove the ownership of my domain name by adding a DNS record or uploading a verification file to the origin server?

    A: To address this issue, you can submit a ticket. In the ticket, state the reason why you cannot prove the ownership through the given methods, and include the information that can be used to prove your identity as the domain name owner. Alibaba Cloud will conduct manual verification.