申请SSL证书验证域名所有权限的其他方法Alternative Methods of Domain Control Validation (DCV)
2013-10-17 09:01
561 查看
All Comodo certificates must pass through DCV (Domain Control Validation) before they are issued. DCV is a mechanism used to prove ownership or control of a registered domain name.
所有套装证书必须通过DCV(域控制器验证)之前他们颁发。DCV是一种机制,用来证明注册域名的所有权或控制权。
There are 3 mechanisms for DCV:
eMail-based DCV (Traditional)
基于E-mail方式的域名控制验证
You will be sent an email to an administrative contact for your domain. The email will contain a unique validation code and link. Clicking the link and entering the code will prove domain control.
你将被发送电子邮件为您的域名管理联系人。电子邮件将包含一个独特的验证代码和链接。单击该链接并输入该代码将证明域控制。
Valid email addresses are:
Any email address which our system can scrape from a port 43 whois check;
The following generic admin type email addresses @ the domain for which the certificate is being
有效的电子邮件地址:
我们的系统可以的任何电子邮件地址从一个端口43的whois检查;
以下是有效的管理员的电子邮件地址@域类型
applied:
admin@
administrator@
postmaster@
hostmaster@
webmaster@
DNS CNAME-based
基于DNS CNAME方式的域名控制验证
The CSR you submit to Comodo will be hashed. The hash values are provided to you and must be entered as a DNS CNAME record for your domain.
哈希值输入如下:
<CSR的MD5哈希值>.yourdomain.com. CNAME
<CSR的SHA1哈希值 >.comodoca.com.
Note: Please take notice the trailing period/fullstop at the tail end of each of the TLDs as this is required to make the entry fully-qualified.
注意:请注意在每个顶级域名的尾端尾期/fullstop这是需要完全限定的条目
Note2: Note that yourdomain.com in the example above (and below in the HTTP method instructions)means the Fully Qualified Domain Name (FQDN) contained in the certificate. If you are ordering a MDC or UCC certificate, separate CNAME records
must be created for EACH FQDN in your order. Examples:
<MD5 hash of CSR>.subdomain1.yourdomain.com. CNAME <SHA1 hash of CSR>.comodoca.com.
<MD5 hash of CSR>.subdomain2.yourdomain.com. CNAME <SHA1 hash of CSR>.comodoca.com.
yourdomain.com在上面的例子(和下面的HTTP方法说明)意味着完全限定的域名(FQDN)中包含的证书。如果您订购一个MDC或公开证书,必须创建单独的分类名称记录在您的订单为每个定义域全名。例如:
<CSR的MD5哈希值>.subdomain1.yourdomain.com. CNAME
<CSR的SHA1哈希值 >.comodoca.com
<CSR的MD5哈希值>.subdomain2.yourdomain.com. CNAME
<CSR的SHA1哈希值 >.comodoca.com.
HTTP-based DCV
基于HTTP方式的域名控制验证
The CSR you submit to Comodo will be hashed. The hash values are provided to you and you must create a simple plain-text file and place this in the root of your webserver and served over HTTP-only!
The file and it's content should be as follows: http://yourdomain.com/<大写的CSR的MD5哈希值>.txt
Content (as a plain text file):
<CSR的SHA1哈希值 >
comodoca.com
Note: We will follow redirects from HTTP to HTTPS, however, all redirection must be done within a 5-second period. The DCV will fail if any serving or redirection takes longer than 5 seconds. DCV will also fail if the certificate encountered
over HTTPS is not currently valid and signed by a publicly trusted CA.
注意:我们将按照从HTTP重定向到HTTPS,然而,在5秒内必须完成所有重定向。如果任何服务或重定向的时间超过5秒,DCV将失败。DCV也会失败,如果证书的HTTPS目前还没有遇到有效和公开的受信任CA签署。
Additional Information
补充信息
In the event that you were not provided with your CSR hashes, then you may use ourOnline CSR Decoder.
如果您未提供CSR哈希,然后你可以使用我们Online CSR Decoder
We recommend:
我们建议:
* Uncheck Show Empty Fields
*不选中Show Empty Fields
* Check Show CSR Hashes
*选中Show CSR Hashes
before providing your CSR and clicking the Decode Button.
粘贴你的CSR文件到文本框,然后点击Decode按钮
所有套装证书必须通过DCV(域控制器验证)之前他们颁发。DCV是一种机制,用来证明注册域名的所有权或控制权。
There are 3 mechanisms for DCV:
eMail-based DCV (Traditional)
基于E-mail方式的域名控制验证
You will be sent an email to an administrative contact for your domain. The email will contain a unique validation code and link. Clicking the link and entering the code will prove domain control.
你将被发送电子邮件为您的域名管理联系人。电子邮件将包含一个独特的验证代码和链接。单击该链接并输入该代码将证明域控制。
Valid email addresses are:
Any email address which our system can scrape from a port 43 whois check;
The following generic admin type email addresses @ the domain for which the certificate is being
有效的电子邮件地址:
我们的系统可以的任何电子邮件地址从一个端口43的whois检查;
以下是有效的管理员的电子邮件地址@域类型
applied:
admin@
administrator@
postmaster@
hostmaster@
webmaster@
DNS CNAME-based
基于DNS CNAME方式的域名控制验证
The CSR you submit to Comodo will be hashed. The hash values are provided to you and must be entered as a DNS CNAME record for your domain.
哈希值输入如下:
<CSR的MD5哈希值>.yourdomain.com. CNAME
<CSR的SHA1哈希值 >.comodoca.com.
Note: Please take notice the trailing period/fullstop at the tail end of each of the TLDs as this is required to make the entry fully-qualified.
注意:请注意在每个顶级域名的尾端尾期/fullstop这是需要完全限定的条目
Note2: Note that yourdomain.com in the example above (and below in the HTTP method instructions)means the Fully Qualified Domain Name (FQDN) contained in the certificate. If you are ordering a MDC or UCC certificate, separate CNAME records
must be created for EACH FQDN in your order. Examples:
<MD5 hash of CSR>.subdomain1.yourdomain.com. CNAME <SHA1 hash of CSR>.comodoca.com.
<MD5 hash of CSR>.subdomain2.yourdomain.com. CNAME <SHA1 hash of CSR>.comodoca.com.
yourdomain.com在上面的例子(和下面的HTTP方法说明)意味着完全限定的域名(FQDN)中包含的证书。如果您订购一个MDC或公开证书,必须创建单独的分类名称记录在您的订单为每个定义域全名。例如:
<CSR的MD5哈希值>.subdomain1.yourdomain.com. CNAME
<CSR的SHA1哈希值 >.comodoca.com
<CSR的MD5哈希值>.subdomain2.yourdomain.com. CNAME
<CSR的SHA1哈希值 >.comodoca.com.
HTTP-based DCV
基于HTTP方式的域名控制验证
The CSR you submit to Comodo will be hashed. The hash values are provided to you and you must create a simple plain-text file and place this in the root of your webserver and served over HTTP-only!
The file and it's content should be as follows: http://yourdomain.com/<大写的CSR的MD5哈希值>.txt
Content (as a plain text file):
<CSR的SHA1哈希值 >
comodoca.com
Note: We will follow redirects from HTTP to HTTPS, however, all redirection must be done within a 5-second period. The DCV will fail if any serving or redirection takes longer than 5 seconds. DCV will also fail if the certificate encountered
over HTTPS is not currently valid and signed by a publicly trusted CA.
注意:我们将按照从HTTP重定向到HTTPS,然而,在5秒内必须完成所有重定向。如果任何服务或重定向的时间超过5秒,DCV将失败。DCV也会失败,如果证书的HTTPS目前还没有遇到有效和公开的受信任CA签署。
Additional Information
补充信息
In the event that you were not provided with your CSR hashes, then you may use ourOnline CSR Decoder.
如果您未提供CSR哈希,然后你可以使用我们Online CSR Decoder
We recommend:
我们建议:
* Uncheck Show Empty Fields
*不选中Show Empty Fields
* Check Show CSR Hashes
*选中Show CSR Hashes
before providing your CSR and clicking the Decode Button.
粘贴你的CSR文件到文本框,然后点击Decode按钮
相关文章推荐
- android6.0动态权限申请(其他所有权限简单介绍)
- asp.net获取当前页面文件名,参数,域名等方法。统一session验证和权限验证的方法
- asp.net获取当前页面文件名,参数,域名等方法。统一session验证和权限验证的方法
- VS2005(C#)在win7下申请UAC权限方法(已验证)
- asp.net获取当前页面文件名,参数,域名等方法。统一session验证和权限验证的方法
- 关于以validation方法的验证所有的action方法(代码实例)
- asp.net获取当前页面文件名,参数,域名等方法。统一session验证和权限验证的方法
- asp.net获取当前页面文件名,参数,域名等方法。统一session验证和权限验证的方法
- Validation of viewstate MAC failed. 解决方法
- 验证视图MAC失败 Validation of ViewState MAC Failed
- Asp.net的登录验证方法Web.config访问权限配置
- 给jquery-validation插件添加控件的验证回调方法
- 封装自定义验证方法-validate-methods.js
- 验证视图MAC失败 Validation of ViewState MAC Failed
- jquery-validation插件添加控件的验证回调方法
- android6.0权限动态申请框架permissiondispatcher的方法
- 阿里云ECS申请免费ssl证书,实现Tomcat访问域名,使用Https访问
- .net 下验证控件[validation server control]的一些吐血使用经验
- 数字 小数点 负号 的正则验证 和其他方法
- 回发或回调参数无效。在配置中使用 或在页面中使用 启用了事件验证。出于安全目的,此功能验证回发或回调事件的参数是否来源于最初呈现这些事件的服务器控件。如果数据有效并且是预期的,则使用 ClientScriptManager.RegisterForEventValidation 方法来注册回发或回调数据以进行验证。