The domain ownership rights should be confirmed prior to the certificate issuance. Different methods of Domain Control Validation can be chosen during the activation process.
Earlier, only email validation was possible, now you have an opportunity to choose between email and HTTP-based validation.
What does each option mean?
Email validation. The common way to prove your domain name ownership is to approve the email received from Certificate Authority.
During the activation, it is necessary to choose the email address where the approver email will be sent to.
Due to regulations of Certificate Authority (Comodo) the approver can be sent either to a domain whois record or to one of the following domain-based emails: email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org or email@example.com.
When the activation is complete, you will receive the email from the Certificate Authority to the selected email address.
HTTP-based validation. This type of validation can be done by uploading a certain text file into a particular directory of your website (<DOCUMENT_ROOT>/.well-known/pki-validation/).
In order to find the validation file you need to perform the following steps:
1) complete the activation of your certificate;
2) go to Purchased certs list;
3) click your certificate ID;
4) locate the red button “Save activation file” and click for downloading.
A pop-up window will appear and will prompt you to download the needed file (*.txt for COMODO certificates).
When the file downloaded, it is necessary to place into the following location: <DOCUMENT_ROOT>/.well-known/pki-validation/. In order to validate your certificate, the file content should be shown via the following URL:
Please make sure to have no access restrictions set on the server so that the file can be accessible worldwide for verification.
Note! When a COMODO certificate is activated for a subdomain, you need to upload the text into the subdomain root directory; if the file is uploaded to the directory of the main domain - it should get verified as well. If you are activating a COMODO Multi-domain certificate for subdomains, you should place the validation file into the Document root directory of the corresponding subdomain and for its domain as well.
In order to proceed with HTTP validation of Wildcard certificates, it is necessary to create the '.well-known' folder under the root folder of a main domain, and then 'pki-validation' folder inside of it with the validation file placed in the 'pki-validation' one (for instance, you have a certificate for *.example.com, the file should become accessible via http://example.com/.well-known/pki-validation/file.txt).
Note! If you have activated the certificate with www.domain.com indicated as FQDN in your CSR code, please make sure that the file is available via http://domain.com/.well-known/pki-validation/file.txt . In this case, www.domain.com is considered to be under your control as well.
The content of the file shouldn't be changed in any way, as Comodo validation system is case sensitive.
Keep in mind if https:// is enabled on your server and the validation file is accessible via https://, contact Support in order to update the validation method and speed the process up.
If do not have access to the methods described above, you may consider DNS-based validation. In order to apply this method and get the DNS record, you will need to contact Support Team via ticket or chat system.
The main action you need to perform is to create a CNAME record in the DNS settings of your domain.
The alternative validation via HTTP or CNAME may take up to 1 hour. If it takes more time, it is necessary to check whether the file is accessible publicly or the record is still being propagated. If everything looks fine from your side, please contact our Support Team so that we can check the issue with your certificate validation for you.