If you request a domain to be used in
publicly trusted certificates issued by QuoVadis you are presented with
several choices to validate control of the domain. This may apply to
SSL/TLS certificates, or end user certificates including email
addresses, such as S/MIME certificates.
- Agreed-Upon Change to Website: Post a file provided by QuoVadis on the specified host to demonstrate Domain control. Requires access to the web space root directory
- DNS Change: Create a DNS entry to demonstrate Domain control. Requires access to the DNS zone for the domain
- QuoVadis Assisted Validation: QuoVadis will assist you through alternate manual processes of validating control
BR section 3.2.2.4.7 describes a process using a Random Value
published in DNS records for the domain to demonstrate control.You will
be provided a Random Value by QuoVadis in the following form:
QuoVadis=000000000000-0000-0000-0000-000000000000
The Random value should be posted in DNS for the domain as follows
(replacing the 000000000000-0000-0000-0000-000000000000 with the Random
Value you were given):
example.com. IN TXT "QuoVadis=000000000000-0000-0000-0000-000000000000"
Important Note: If the option is available, QuoVadis highly recommends setting the TTL to 1800 for all TXT records. Setting a longer TTL may delay the time it takes for your domain to be validated.
Alternatively, you can prefix “_dnsauth” to the record if there is a conflict with an existing CNAME record as follows:
_dnsauth.example.com. IN TXT "QuoVadis=000000000000-0000-0000-0000-000000000000"
The Random Value provided by QuoVadis is valid for 30 days, and
validation must reoccur according to the applicable requirements of the
certificate type (detailed in Section 4.2.1 of the Baseline Requirements
or Section 11.14.3 of the EV Guidelines).