Domain Validation SSL verification
First step - DCV process
DCV (Domain Control Validation) is verification of domain name ownership and control. It is possible to validate domain via multiple methods like E-Mail validation, DNS CNAME and HTTP/HTTPS Hash file.
via E-mail (Most popular)
DCV via e-mail is the most traditional method to pass ownership verification. The certification center will send e-mail to the administrative contact of your domain. The mail contains a unique validation code and link to a certification website to enter the code.
You can use "magic five" e-mail addresses: admin@, administrator@, hostmaster@, webmaster@ and postmaster@. In some cases, it is possible to use administrative e-mail from WHOIS; Private registration should be disabled.
via DNS CNAME
To validate domain via DNS CNAME record, you need use hashes that we extract from the CSR code submitted by you. It takes from 10 minutes and up to 24 hours to validate domain; it depends on your DNS server TTL.
via HTTP/HTTPS Hash file
Quick and simple method to pass domain validation as it requires to upload a text (.txt) file with hashes extracted from your CSR code. The file must be accessible from the web. Use HTTPS method when SSL already in use and website available via HTTPS://
Second step - CAA Check
Starting at 8th September 2017, all CAs (certificate authorities) should respect your CAA policy. CAA record should allow CA to issue SSL for the domain name, otherwise, the order would be pending until you update the record. By default, any CA may issue SSL for your domain name, if no CAA record found.
Optional STEP - Manual check / Brand Validation
In some cases, certification centers may require manual verification if an order fails any internal rules. Normally it takes around 24-48 hours to check, issue or reject an order in such cases. There are multiple reasons why an order may be frozen for manual check.