Domain Validation

The Domain Validation (DV) SSL certificate is the most affordable choice for increasing the security of your blog, personal or small business website. Since there is no required paperwork, the process of acquiring the Domain Validation certificate is very quick and easy: you will have to prove that you are the domain owner just by responding to an automatic e-mail message. After a couple of minutes, you will receive the issued SSL certificate which can be installed immediately. Sites with Domain Validation certification can be identified by the green padlock that is displayed by most web browsers.

This type of SSL certificates is recommended to be used if you need to prove that your site is secured, by having a secured connection. The Domain Validation certificates don’t display the legal entity, as the identity of the website owner is not checked while issuing them. So, if you have an e-commerce website or a site that collects users’ personal data, you should consider buying our Business Validation (BV) or Extended Validation (EV) certificates, which will make your site more trustworthy.

In order to buy a Domain Validated certificate you do not need to provide any documentation. You will have to confirm the domain ownership through a simple email or file-based authentication. Following completion of one of these elements the DV certificate will be signed and released to you.

The validation time of an SSL depends on the type of certificate you chose to buy.

Domain Validated certificates are issued within 3-5 minutes in 99% of the cases. Only when an SSL Certificate is requested for a domain name that contains a trademark or a brand name, then those SSL Certificates may pass brand validation, and can take up to a business day to be issued.

Business Validated certificates are usually issued within 1-3 business days.

Extended Validated certificates can take between 1-7 business days to be issued. The Certificate Authority does its part of the work very quickly. If all the information is provided to the Certificate Authority quickly and correctly, then the Certificate Authority can issue the EV certificate within 1 business day. We’ve seen situations when the EV Certificate was issued within a few hours. The 1-7 days period depends on how quickly the customer provides the required information to the Certificate Authority, and how quickly the customer responds to the Certificate Authority’s potential requests for additional information.

By doing the Validation process, the Certificate Authority’s is trying to confirm that you are the owner of the domain, and that the company that you are requesting a Business Validation or Extended Validation certificate for is active. That is why it is important that you keep your company’s records (address and phone number) up to date and you promptly respond to the Certificate Authority’s requests.

bv2bv1You can check whether your SSL Certificate requires Domain Validation, Business Validation or Extended Validation by looking at the attributes of your SSL Certificate. Please open the two screenshots on the right in order to see where you can find the information about the validation type of your SSL Certificate.


Yes, you can secure an IP address with an SSL Certificate. However, only some specific SSL Certificates will allow you to do that. Here are those SSL Certificates:
– Comodo InstantSSL Premium
– GeoTrust TrueBusinessID
– Thawte Web Server SSL
– Symantec Secure Site
– Symantec Secure Site PRO

Please note that all these certificates are Business Validation SSL Certificates, which means that you need to have a registered company in order to be issued one of these certificates.

Unfortunately, domain names that end with .local are not supported from November 1st, 2015. If you request an SSL Certificate for a domain or sub-domain that has .local as an extension, your SSL Certificate will be rejected by the Certificate Authority.

If you want to secure a domain or sub-domain on your localhost, you can create a self-signed SSL Certificate. There is plenty of documentation online on how to do that.

manage_validation_methodPlease go through the next steps in order to change the domain validation type for your SSL Certificate:
1) Log into your SSL Dragon account;
2) Go to “Services” -> “My Services”;
4) You will see the list of products which you bought from SSL Dragon. Click on the SSL Certificate which you would like to change the domain validation type for;
5) Click on the “Manage validation method” text-button on the left side of the page;
6) Choose the new domain validation method; You can read more about what each validation type means at this link;
7) Press on the green button from the bottom of the page that says “Continue”.

When requesting an SSL Certificate you have to prove that you own or you have management rights over the domain or sub-domain that you are requesting an SSL Certificate for.

Domain validation by email

If you have an SSL Certificate issued by Comodo, GeoTrust, Thawte, Symantec and RapidSSL, then you can complete the domain validation is by responding to an automated domain validation message sent to your email address. You will be given a list of emails to choose from, and the automated domain validation message will be sent to the email address that you choose.

Always check your email address (including your Spam folder) so as you should receive an email message from the Certificate Authority with instructions on how to validate (prove the ownership of) your domain name. The email message will ask you to copy a unique code and paste it on a specific link provided in the same email message.

If your SSL Certificate is issued by Comodo, there are 2 more ways how you can complete the domain validation:

Domain validation via the HTTP / HTTPS method

The HTTP validation consists of uploading a TXT validation file to a pre-defined location on your website. You have to make sure that you can access this file and link from any web browser. Once you proceed with this domain validation method, Comodo will run a scan of your website and will look particularly for this file at the given link. Your SSL Certificate will pass the domain validation within a few minutes after Comodo’s system finds the TXT file on your website.

The HTTPS validation method is the same validation method as described above. You should choose the HTTPS option if you already have an SSL Certificate installed on your website.

Domain validation via the DNS method

Comodo allows you to to add a pre-defined domain record to your domain registrar (the website where you registered your domain name). Make sure that your firewall doesn’t block Comodo validation robot. Comodo validation robot comes from / The user agent should be “Comodo DCV” or “COMODO DCV”.

Please note that newly added DNS records take between 10-48 minutes to propagate. This means that you will have to wait up to 48 hours to pass the domain validation if you go with this method. That is why we recommend the Email, HTTP, and HTTPS methods better, so as they would allow you to pass the domain validation instantly.

How to change the domain validation method?

If you chose one of these domain validation methods described above, and you see that your domain doesn’t get validated, then you can always change your domain validation method. Please go to this link to learn how to do that.

When you buy a multi-domain SSL Certificate and you include several domain names and/or sub-domains in it, the Certificate Authorities require you to pass the domain validation for each and every domain name and/or sub-domain that you included in your multi-domain SSL Certificate, and only after that the multi-domain SSL Certificate will be issued to you.

POSSIBLE PROBLEM: Sometimes the email addresses, or your HTTP options, or the DNS records that you choose for your multi-domain certificate do not get set correctly when they reach the Certificate Authority. You will know that when you see that you only got one single domain validation message to your email address instead of getting several domain validation messages, or your multi-domain SSL Certificate’s status still shows as “Awaiting Validation (Full)” even though you passed the domain validation for one of the domains.

partner-order-idHOW TO FIX: There is an easy way to fix that, and that requires getting in contact with the Certificate Authority’s Validation Department. When you contact them, please provide them your “Partner Order ID” (see screenshot on the right), and then tell them about the domain validation method that you chose to go with: HTTP, DNS or Email. If you chose to pass the domains validation by email, then double check with the Validation Department representatives what email addresses are set in their system, and ask them to send you the domain validation messages to your desired email addresses.


Please call Comodo Validation Department at +1 (888) 266-6361 (Ext 4) for the above stated reasons. When you talk to them, you will need to provide them your “Partner Order ID”.

Thawte, GeoTrust, Symantec/VeriSign

Please call Thawte, GeoTrust, Symantec/VeriSign Validation Department at +1 (520) 477-3152 (Ext 2) for the above stated reasons. Please note that Thawte, GeoTrust, Symantec/VeriSign are all owned by Symanec, and they all have the same phone number provided above.  When you talk to them, you will need to provide the “Partner Order ID”.