In order for you to get a valid SSL certificate, it is necessary to verify that you or your organization is the rightful owner of the domain. This step in the process is known as Domain Control Validation or DCV.
While issuing a certificate from r2 you will be shown three methods for verifying domain control.
In this method of verification, you verify the domain control by receiving an email on any one of the following email ids on your domain. It is necessary that you have access to these email address, a mail will be sent to this email address with a code. You need to click on the link provided in the email and enter the code to prove you have control over the domain.
CNAME verification requires you to verify the domain name by entering the CNAME record provided in the DNS zone of your domain name. Once you add the DNS record it may take up to 4 to 8 hours for the verification to complete. The system will check for the presence of the record in the DNS zone, and if the record is found the Domain control will be verified and the certificate will be issued. Depending on where your domain's DNS zone is, you will have to enter the record. If you are using r2's DNS management interface, learn how to enter CNAME Record.
In this verification method, you need to upload a text file to your server at a particular path to prove ownership of the domain and hosting. Once you upload the file it might take some time to complete the verification.
Follow the steps mentioned below to upload the file to your server.
- In the public_html folder of your server create a new folder/directory with the name .well-known.
- Then inside the .well-known folder create a new folder/directory with the name pki-validation.
- Upload the text file downloaded from the control panel to this folder. Note
Make sure the file name is not modified and there are no extra characters in the file name. It is also necessary you don't modify the contents of the file. This is necessary to complete the verification without any issues.
This verification method is not available for wildcard SSL certificates.