tencent cloud

Feedback

DNS Validation

Last updated: 2024-10-31 15:12:34

    Overview

    This document describes how to validate a domain when you apply for a certificate or add a domain in the certificate management console and the domain validation mode is DNS validation.

    Directions

    Step 1. View validation information

    1. Log in to the SSL Certificates console.
    2. Select a certificate in the Validating state. On the Validate Domain page displayed, obtain the host record and record value. See the figure below.
    Note:
    Take note of the host record and record value before you go to step 2 to add a DNS record.
    
    
    

    Step 2. Add a DNS record

    Note:
    The following operations apply only to domain names hosted with Tencent Cloud. For domain names hosted with other platforms, go to the corresponding DNS service provider for DNS. To query DNS service providers, go to DNS.TECH.
    1. Obtain the host record and record value, which can be obtained on the Validate Domain page, as described in step 1.
    2. Log in to the DNSPod console to view the domain name for which a certificate has been applied, and then click DNS in the Operation column to go to the Record Management page. See the figure below.
    
    
    3. Click Add Record and add a DNS record depending on the certificate type.
    Note:
    Only the CNAME and TXT types of DNS records are supported, and they are applicable for certificates of different brands. Please select the DNS record type as needed.
    TrustAsia and WoTrus Certificates
    Certificates of Other Brands
    For TrustAsia and WoTrus certificates, enter a DNS record of the CNAME type. See the figure below:
    
    
    Host: enter the host record obtained in step 1.
    Type: select CNAME.
    Split Zone: select Default. Otherwise, the corresponding CA will not be able to review the DNS record.
    Value: enter the record value obtained in step 1.
    MX Priority: leave it empty.
    TTL: it refers to the time to live. The smaller the value is, the less the time cost for record changes to take effect globally. The default value is 600 seconds.
    For certificates of other brands, enter a DNS record of the TXT type. See the figure below.
    
    
    Host: enter the host record obtained in step 1.
    Type: select TXT.
    Split Zone: select Default. Otherwise, the corresponding CA will not be able to review the DNS record.
    Value: enter the record value obtained in step 1.
    MX Priority: leave it empty.
    TTL: it refers to the time to live. The smaller the value is, the less the time cost for record changes to take effect globally. The default value is 600 seconds.
    4. Click Save.
    5. After the record is added, the system periodically checks for the record value. If the record value is detected and matches the specified value, the domain ownership verification will be completed. Please wait for the CA's review.
    Note:
    DNS usually takes effect within 10 minutes to 24 hours. The actual time depends on the ISP refresh time.
    After the certificate is issued or the domain name information is approved, you can manually clear the DNS record.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support