Authentication/Orders Support: Domain Pre-Validation – Domain Control Validation via Website Control

Instructions for authorizing a domain using a File on your website: This validation method requires you demonstrate control over the website content for the domain by making a file available at the file location—provided by your support representative. You must then add the random value verification token—provided by your support representative—to the web page in the exact location specified. When a CA does a search for the specified URL on that domain, they can look for and confirm the presence of our verification token. How to Use Your Website to Validate Your Control of Your Domain. Use this instruction if you need us to validate a domain by proving you are in control of your website content Your Authentication support […]

Read More

Authentication/Orders Support: Domain Pre-Validation – DNS TXT Validation

Instructions for authorizing a domain using DNS TXT as the DCV method This validation method requires you to create a unique TXT record for the domain. In this TXT record, you add the random value verification token for the domain—provided by your Support representative. When the Support representative does a search for TXT records associated with the domain, they can find a record where the record’s value includes the verification token (random value). How to Use DNS TXT as the DCV Method for a Domain? Use this instruction if you need us to validate a domain using the DNS TXT DCV method. Your Authentication support representative will provide you with the following items: A DNS TXT Entry (base domain or […]

Read More

Authentication/Orders Support: Domain Pre-Validation – Email Validation

Instructions for authorizing a domain using Email Validation: Before a Certificate Authority (CA) such as Digicert, Entrust, etc..  can issue a certificate, you must prove control over the domains and any SANs (Subject Alternative Names) on the order. We refer to this process as the Domain Control Validation (DCV) process, and it is the most common method of validation. How to Use Email as the DCV Method for a Domain? This will vary between the certificate authorities, but for the most part. The certificate authority will send an authorization email to the registered owners of the domains listed. They can also send the authorization email to the admin, administrator, webmaster, hostmaster, and postmaster accounts for each public domain. You must […]

Read More

CA|B Fourm Passes Ballot 218 – Removing validation methods 1 and 5

As of August 1, 2018, all Certification Authorities (CA) can no longer validate domains by matching WHOIS domain registrant search results with certificate requester. Purpose of Ballot: Section 3.2.2.4 says that it “defines the permitted processes and procedures for validating the Applicant’s ownership or control of the domain.”  Most of the validation methods actually do validate ownership and control, but two do not, and can be completed solely based on an applicant’s own assertions. Since these two validation methods do not meet the objectives of section 3.2.2.4, and are actively being used to avoid validating domain control or ownership, they should be removed, and the other methods that do validate domain control or ownership should be used. WHAT ARE THE ACCEPTED VERIFICATION […]

Read More

Symantec/Digicert- Google Reissue You May Have to Reissue Your SSL Certificate.

You May Have to Reissue Your Certificate!! Since announcing the acquisition, DigiCert has actively engaged with the security community to explore paths that address browser concerns about Symantec/Geotrust/Thawte/Rapidssl-issued certificates while balancing the SSL/TLS implementations currently deployed.  Symantec-issued certificates impacted by browser timelines will need to be replaced to bring them under the new Digicert platform. These will be replaced at no cost to all certificates issued prior to December 1st 2017, and Digicert will work to ensure a smooth process. Many customers have already received information on certificate replacement, and more information will be forthcoming for affected parties. Acmetek requests that all clients/users of the SSL Partner Center to perform these reissues as soon as possible to avoid warning messages […]

Read More