Types of certificate validation. What I need to validate in order to get the SSL?

  • 1377
Time to read article: 4 min
SSL certificates with domain verification, or as some call them, entry-level certificates are the most common in the world, because the speed of issuing such certificates varies from 2-10 minutes, depending on the brand. To obtain such a certificate, no documents are required, the whole process is extremely simple, you need to confirm ownership of the domain, and for this there are 3 ways, one main and two alternative.

Entry-level SSL certificates with domain verification are one of the fastest-issued certificate types because Do not require any documents. We recommend these certificates for small sites and small projects, when you do not need a lot of trust from clients and visitors of the site/project. With such a certificate, static security logos are more often used, however there are some that offer dynamic ones, for example: Thawte SSL 123, Sectigo SSL Certificate.

Validation methods

Here is a short overview of available verification methods for Domain Validation certs.

  • Validation via Email (DCV Email)

    This method is described on many sites and blogs, the whole point is that the certification authority will send you a verification letter in which there will be a link to confirm ownership of the domain. Such a letter can be sent either to the e-mail specified in the Whois of your domain, or to one of the golden five: admin @, administrator @, hostmaster @, postmaster @, webmaster @

  • Validation via DNS CNAME

    A fairly popular method, for those who may not have a mail server configured, and whois e-mails are closed by private registration. The bottom line is simple, you have to make a special entry in your DNS, and the certification authority will check it. The method is fully automatic.

  • Validation Using a Hash File (HTTP CSR Hash)

    An even simpler method is that you will be provided with a special .txt file that you must upload to your server, the certification authority will verify its availability and a certificate will be issued. The method is fully automatic. 

    IMPORTANT! Since 15 November 2021 there is no possibility to use HTTP method for Wildcard certificate validation, only DNS CNAME or EMAIL methods are welcomed.



    Business validation SSL certificates, also known as Organization validation certs are strong trust products. Technically, they provide the same level of encryption as any DV SSL certificate, however, they authenticate the company's legal existence, address, and phone number. That brings higher trust by your existing and potential customers viewing your website or working with your online service.

    OV SSL certs always have higher warranty level comparing to DV certs and that is an extra benefit. Validation of OV certs takes around 1-5 days in case all information provided on time. Please check our validation guide to understand the process more clearly.



    EV SSL Certificate - A certificate used to configure HTTPS support on a site. To obtain an EV certificate, you must confirm the existence of the company in whose name the certificate is issued in a certification center. Browsers show information about the existence of the company either in front of the domain name of the site.

    EV certificates use the same security methods as DV and OV certificates: a higher level of protection is provided by the need to confirm the existence of a company in a certification authority. The criteria for issuing EV certificates are defined by a special document: Guidelines for Extended Validation, currently (as of August 1, 2019) the version of this document is 1.7.0. The manual was developed by CA / Browser Forum, an organization whose members are certification authorities and Internet software vendors, as well as representatives of legal and audit professions.