Speed up SSL issuance
GoGetSSL® offers fastest issuance of SSL due to use of LEI code and API automation. Legal Entity Identifier (LEI) is a global identity code, just like DUNS. Learn how LEI works.
Domain Validation SSL certificates are the most quickly issued products we have. In most cases, it takes just 5 minutes to issue SSL once domain verification passed. No paperwork requires, all you need is to pass Domain Validation Control (DCV) via one of the available methods.
You can check CAB Forum Reference for more details.
For each FQDN, the “Authorization Domain Name” is the domain name that you use to do the DCV.
An email is sent to that address, containing a unique validation code. The email should be received by someone in control of the domain, where they can follow a link provided in the email and enter the validation code, thus proving domain control.
The unique validation code is only valid for 30 days. I.e. any attempt to use the unique validation code more than 30 days after it was created will fail. The list of acceptable email addresses for any given domain are:
HTTP based DCV requires that a HTTP server be running on port 80 or that an HTTPS server be running on port 443 of the Authorization Domain Name. Sectigo looks for the file at every valid Authorization Domain, i.e. starts with the FQDN and then will strip one or more labels from left to right in the FQDN and will look for the file on each intermediate domain.
You will receive the validation file in the (.txt) text file. A text file is created, containing the SHA-256 hash, the Request Tokens/Unique value and the domain ‘sectigo.com’ on the next line.
For example: A CSR is generated with the CN=www.example.tld The Authorization Domain Name will be example.tld The CSR is hashed using both the MD5 and SHA-256 hashing algorithms.
The file name format is:
http://example.com/.well-known/pki-validation/C7FBC2039E400C8EF74129EC7DB1842C.txt
{TEXT FILE CONTENT}
c9c863405fe7675a3988b97664ea6baf442019e4e52fa335f406f7c5f26cf14f
sectigo.com
123456789
The Sectigo CA system checks for the presence of the text file and its content. If the file is found and the hash values match, domain control is proven.
DNS CNAME based DCV requires the creation of a unique CNAME record, pointed back to Sectigo CA. Sectigo looks for the CNAME at every valid Authorization Domain, i.e. starts with the FQDN and then strip one or more labels from left to right in the FQDN and will look for the CNAME on each intermediate domain.
For a certificate request for an FQDN of *.mail.internal.example.tld, Sectigo would looks for the CNAME in these places and in this order: mail.internal.example.tld internal.example.tld example.tld The Authorization Domain Name is the one we find it on.
A CNAME DNS record is created under the Authorization Domain Name. The content of the CNAME is described in more details below. Two hashes of the CSR are generated before submission to Sectigo CA.
The format of the CNAME will be: ‘_’.Authorization Domain Name CNAME example _CC5412BF14B25A69F0D3A571C2426767.example.tld. .[ .]sectigo.com example 72B21EEE5B37D7913084.61F4BB041A1845F87DC8.sectigo.com.
When creating the DNS CNAME record over at your web-hosting company, there will 3 entries:
Get a Domain Validation SSL certificate within just 5 minutes using our friendly and automated system. No paperwork, callback or company required.
Found a better price? We will match it - guaranteed. Get the best possible price in the World with us. The correct place to save your money.
Try 90-day Trial SSL Certificate before the real purchase to test cert's functionality. 99.9% browser and mobile support. Free reissues.
Customer satisfaction is our major concern. Get a full refund within 30 days for any purchase of SSL certificates with 100% guarantee.
GoGetSSL® offers fastest issuance of SSL due to use of LEI code and API automation. Legal Entity Identifier (LEI) is a global identity code, just like DUNS. Learn how LEI works.