How to Approve the Certificate Authority for Validation
Introduction
After the certificate is configured in the Billing system, you need to respond to the approve/validate request from the certificate authority to get the SSL certificate issued.
This is a guide on how to approve/validate the certificate. There are three authentication methods:
- HTTP
- DNS TXT Record
- Email
1 Authentication Method 1: HTTP
To get the SSL certificate issued by the HTTP method, a unique verification file, which can be downloaded at the bottom of your order details page in the Billing system, must be publicly visible at a specified URL. The file path should follow the folder hierarchy shown below:
Your-requested-domain.com/.well-known/pki-validation/[a unique file name].txt
1.1 Download the Authfile
After you choose HTTP as the authentication method, please go to the following page to download the authentication file.
1.2 Create Your File Path
- In your server public or home directory (where your public website files live), please create a new folder titled “.well-known”.
- Inside of the “.well-known” folder, create a second folder entitled “pki-validation”.
- Inside of the “pki-validation” folder, place the unique text file that you downloaded via step 1.1 Download the Authfile.
1.3 Make sure that the newly added file can be accessed on Internet
If you are successful in the creation of the verification file path outlined above, you should be able to view the unique file contents by accessing your verification file path in any web browser.
Here is a sample:
If you can view the unique file contents by accessing your verification file path in any web browser, your SSL will be issued shortly.
2 Authentication Method 2: DNS TXT Record
To complete the domain verification by the DNS method, you will need to add a TXT record.
2.1 Get TXT record details
You will get the TXT record details (record name and record value) while you choose the authentication method as DNS TXT Record.
Here is an example of what you will get:
2.2 Add TXT record
Add a TXT record on your domain’s name server as follows:
Record Name: The name should be blank.
Record Value: The value you get from the previous step.
Note:
Whether you purchase the certificate for a main domain or a subdomain, the record should be added to the main domain.
2.3 Check if the TXT record is ready
If you would like to see if the TXT record has propagated to the internet, you can check the record using any DNS record lookup tool, for example:
https://mxtoolbox.com/TXTLookup.aspx
If the TXT record is propagated, your SSL will be issued shortly.
3 Authentication Method 3: Email
To get your SSL certificate issued using the Email method, you need to create an email account “admin@YourDomain.com” first.
Note: The email account “admin@YourDomain.com” must be valid.
3.1 Get the approval email
An approval email will be sent to “admin@YourDomain.com” while you choose the authentication method as Email.
Check the email on your email “admin@YourDomain.com” inbox.
3.2 Complete the request
An link to complete the request will be provided in the email.
Here is an example about the approval email:
Click the link to complete the request and the SSL certificate will be issued shortly.
4 The next step