According to the CA regulations, if you are applying for a free or a DV digital certificate, you must complete the domain name verification to prove your ownership of the domain name bound to the certificate. As long as the domain name authorization information is configured as required, and the domain name verification is complete, the CA detection system takes effect, the certificate can then be issued.
- Automatic DNS verification
- Manual DNS verification
- File verification
Automatic DNS verification
- Log on to the Alibaba Cloud SSL Certificates console.
- Go to the certificate page for domain name verification and click Apply.
- On the Apply for Certificate page, select Automatic DNS Verification and submit the application information.
- On the verification information page, retrieve the Host Name, Record Value, and other domain name verification configuration information.
Note Automatic DNS verification is performed by your domain name administrator.
- As shown in the preceding figure, add the configuration Value of the certificate Verification Information page to the system by your domain name resolution service provider, such as HiChina,
Xinnet, and DNSPod.
- Domain names hosted on Alibaba Cloud:
Click Verify on the Apply for Certificate page. The SSL certificates system automatically verifies the certificate for you. If the verification fails, you need to manually add DNS records in the Alibaba Cloud DNS console.
- Domain names are not hosted on Alibaba Cloud:
We recommend that you select the Manual DNS Verification method. If the domain name is not hosted on Alibaba Cloud DNS, you cannot use this method to complete the verification.
Note This DNS resolution record can be deleted only after the certificate has been issued or revoked. - Domain names hosted on Alibaba Cloud:
Manual DNS verification
File verification
- Log on to the Alibaba Cloud SSL Certificates console.
- On the Apply for Certificate page, select File Verification.
- Download the unique verification file to your local device.
- Use a tool, such as FTP, to upload the unique verification file to the specified directory on your server .well-known/pki-validation.
You can view the server directory name in the Configuration Items list on the Verification Information page.