Jul 1, 2025

OVERVIEW: This page walks you through the process performing domain verification from the Domain Verification Page of your OV/EV Certificate order. At the completion of this procedure, you will be able complete your domain verification for your SSL certificate. For certificate installation instructions, please refer to this guide. Can't find what you're looking for? Get in touch for assistance.

Menu Option

• DOMAIN VERIFICATION PAGE (DVP)     

• PERFORM DOMAIN VERIFICATION          
  Email Verification
  HTTP Verification
  DNS Verification

• FREQUENTLY ASKED QUESTIONS          
  How to Remove Non-WWW SANs?
  What happens when my Domain Verification Code expires?
  What happens when my SAN fails the security check?
  My validations were reset, what happened?

Domain Verification Page (DVP)

This process enables domain validation to be done entirely by the Applicant, Reseller, or other entity that has applicable domain permissions, which enables the domains to be validated in a matter of minutes. This is a proven process that has been used in our Managed SSL (MSSL) platform, and we're excited to extend it to our remaining GlobalSign SSL products!

IMPORTANT: This page for Organization SSL and Extended SSL Certificates only. If you did not order OV or EV SSL, proceed with the domain verification method for standard SSL orders. If you have questions or clarifications, contact support for assistance.

Guidelines

1. Upon submission of your order you will be provided with a link to their order-specific DVP where the domain validations can be performed. Click the link to open the DVP. 
   
   You can find the DVP link on the following channels: 
   • Shown in the order acknowledgement window upon submission of order. 
   
   
   
   • Sent to your email as part of the order acknowledgement email.
   
   • View it in GCC via Search Order History > Enter Order Number or click Search to view all orders > Click the order number > Scroll to the bottom and click the Domain Verification Page link under SANs Options. 
   
   
   
   • Available via the GCC SSL APIs.

   IMPORTANT: If you are still unable to locate the DVP, contact support for assistance and to send you your unique DVP URL. For questions and clarifications about the information presented here, please contact your Account Representative.

2. In the DVP, you can find your order and organization information, as well as the unique Domain Verification Code (DVC) and the list of all SANs in your order. Click the dropdown and select the domain verification method you prefer for your SAN. 

   IMPORTANT: For each SAN in the table, you can select one of the domain validation methods listed. In the event that the domain was recently verified for the same Organization (same Applicant), the domain validation of the prior order will be re-used and the domain will appear as already approved.

   
   

3. Once you select your preferred verification method, click Verify to continue. Note: For Email Verification, the action is Send Email.

   INFORMATION: SANs that share the same Domain Name will be grouped together, so you can verify them all at once with a single domain verification step; those that don't share the same Domain Name will be listed individually.

   
   

4. Once you click verify, a domain verification prompt will appear. Based on your chosen method, perform domain verification. 

5. Once GlobalSign has completed the Organizational validation and all of the domains have been approved, the Certificate will be issued.
   Note: Organization validation and domain validation will happen in parallel.

 

Perform Domain Verification

IMPORTANT: Before you begin domain validation, ensure that the order was placed by an authorized user and that you're approving domains for a legitimate order. To learn more about domain verification methods, please refer to this guide.

Email Verification

The Email validation method allows you to validate a SAN by responding to a challenge sent to a specified email address.

1. Select the SAN you want to verify and then click Send Email to open a pop-window for the next step.

2. Select the email address you want to use. Then, click Send Verification Email. 

   ADVISORY: Effective July 15, 2025, CA/Browser Forum prohibits the use of domain approval email addresses obtained from WHOIS and DNS SOA. Any domains validated via WHOIS or DNS SOA will not be usable after July 14, 2025. To learn more about these changes, please refer to these blogs: SOA Email, WHOIS provided email.

3. An acknowledgment email will be sent to your selected email address containing the link of the approver page. Review the information and click the link to continue to the approver page. 

4. Click I Approve to authorize the issuance of the SSL Certificate.

5. Once approved, an email will be sent to you confirming the order has been completed with the details of your certificate. You can now install the certificate upon receipt of email.
   Note: In the DVP, the status of the SAN will change once approved.

 

HTTP Verification 

The HTTP validation method allows you to validate a SAN by uploading the supplied DVC to a specific website location. 

ADVISORY: The HTTP domain validation method will no longer be permitted for issuance of subdomains and wildcards effective - Nov 28th, 2021. For more details about these changes, please check this page.

 

1. Select the SAN you want to verify and choose HTTP as verification method. Then, click Verify to open a pop-window for the instructions.

2. In the pop-up window, perform the following instructions:
   Step 1: Copy the DVC and place it in a text file named gsdv.txt.
   Step 2: Select the protocol (http or https) to use in order to access gsdv.txt. Then, select the exact domain name to use.
   Step 3: When the file containing the DVC is in the designated location, you can verify the domain. 

3. Once you have placed the verification code in the designated location, click Verify.

4. GlobalSign will verify that the DVC is at the selected location and approve the SAN if successful.

   IMPORTANT: If the site cannot be verified an error will appear. If you receive an error, check the insertion of the code and try again.

5. The domain has now been successfully verified, and the certificate will be issued. 

6. An email will be sent to you confirming the order has been completed with the details of your certificate. You can now install the certificate upon receipt of email. 
   
    

DNS Verification Method

The DNS validation method is useful for domain owners that have easy access to their DNS provider and can create a DNS TXT record. 
 

1. Select the SAN you want to verify and choose DNS as verification method. Then, click Verify to open a pop-window for the instructions.

2. In the pop-up window, perform the following instructions:
   Step 1: Insert the entire code into a DNS TXT field for your domain.
   Step 2: Select the domain to be verified.

3. Once you have created a DNS TXT record for one of the permitted domains, click Verify.

4. GlobalSign will look for a DNS TXT record for the domain specified on this page. 

   IMPORTANT: If the site cannot be verified an error will appear. If you receive an error, check the insertion of the code and try again.

5. If there is a DNS TXT record containing the DVC, the SAN status will be changed to Approved. 

6. The domain has now been successfully verified, and the certificate will be issued. 

7. An email will be sent to you confirming the order has been completed with the details of your certificate. You can now install the certificate upon receipt of email. 

 

FAQs

How to Remove Non-WWW SANs

GlobalSign will automatically include a non-www SAN when customers request a Certificate with a CN that begins with 'www'.  For example, if you request a Certificate with the common name of 'www.example.com,' we automatically include a SAN for 'example.com.' Customers may remove this extra SAN from the list by doing the following steps:

1. In the DVC section of the Order Details page, click the trash can icon next to the SAN you wish to remove. You can click the black triangle next to this SAN to see the other SANs listed under this domain.
   
   




2. A confirmation window will display. Click Remove to remove the SAN or Close to close the window without removing the SAN.
   
   

What happens when my Domain Verification Code expires?

When you access the DVC section, a message at the top of the page will display, indicating the current Domain Verification Code has expired. Click the Generate New DVC button to generate a new domain verification code. The page will re-load and display the new DVC, with the message at the top of the page: "Domain Verification Code (DVC) Has Been Renewed."  Any pending domains will need to be verified using this new DVC.

What happens when my SAN fails the security check?

When you verify your SANs, they may go into an "In security review" status, which means GlobalSign Vetting Agents are conducting security checks against the SAN. If the SAN fails the security check, the SAN status will be updated and your order will be automatically cancelled. You must re-order the Certificate and not include that SAN in the order for the order to be processed.

My validations were reset, what happened?

Since you rely on seeing accurate Organization information when approving domains, it may be necessary on occasion to reset the domain validation status if Organization information changed during our organization-level verification process. We apologize in advance if this happened, but it's a necessary security step.