Jun 20, 2024
Article Purpose: This article provides a step-by-step instructions on how to perform domain verification using the HTTP Verification Method. This method is ideal for customers who can easily modify their website. If this is not the domain verification method you are looking for, please go here to view our other domain validation methods.
Note: The HTTP domain validation method will no longer be permitted for issuance of subdomains and wildcards effective - Nov 28th, 2021.
This method is applicable to:
GlobalSign is making significant improvements to the domain validation process for Partner and Retail OV and EV SSL Certificates through its GlobalSign Certificate Center (GCC) to reduce the time and effort needed to verify domains. For more details on this significant change, please go here.
The CAB Forum has specified a new standardized location to be used by all Certificate Authorities when performing domain verification using the HTTP Verification Method. GlobalSign has historically referred to this as the Meta-Tag or URL verification method because we allowed users to insert a meta-tag in the head of the main index page. All customers must use the new location, which involves placing the Domain Validation Code (DVC) in this file http(s)://example.com/.well-known/pki-validation/gsdv.txt. Please see the example below for your reference.
Domain being requested | Valid location (domain) | Valid Location (page/URL) since October 31, 2016 and after February 27, 2017 |
---|---|---|
a.b.c.example.com |
http(s)://a.b.c.example.com |
/.well-known/pki-validation/gsdv.txt |
The guidelines below describes the HTTP Verification Method using the new location which you can start using immediately.
Please follow the instructions below to complete the HTTP Verification Method:
Check your certificate installation for SSL issues and vulnerabilities.