CA VALIDATION OF DOMAIN NAMES HAS CHANGED

Server certificate validation has changed. New validation methods are described below. User has to choose the preferred method by himself using “Request domains” page or in the single certificate order form. In each method an email will be send which has instructions of actions needed before new domain is available for self-service certificate enrollment. After the actual validation there may be one hour delay before the domain is visible in Telia certificate portal.

DNS method

Certificate applicant or DNS operator named by him/her will receive a small string with instructions via email. Customer or DNS operator must add the string to the TXT record of DNS service under the domain using normal DNS maintenance processes. Telia Certificate service will regularly poll it. When the string is available in the DNS, the domain name will be authorized for use in Telia certificate portal. Please note:

  • It may take several hours before DNS gets updated
  • Do not place the string at your webserver
  • Choose this method if your device is not accessible from public Internet

File method

Certificate applicant or server operator named by him/her will receive a small random file with instructions via email. Customer must add the file to a specific path in a server which is listening http port 80 and set to serve the requested domain name. Telia Certificate service will regularly poll the website. When the file is available, the domain name will be authorized for use in Telia certificate portal.

Email method

Certificate applicant sends email via Telia Certificate service to the email addresses available at WHOIS service and/or standard email addresses 'admin@', 'administrator@', 'webmaster@', 'hostmaster@', or 'postmaster@' followed by the domain name in question. Any of the receivers will have to click on the link in the message and authorize the domain to the Applicant. After successful validation the domain name is available to applicant at Telia certificate portal. Please check before using this method the availability of email boxes iand access to them for mentioned addresses.

Phone method

In this validation method Telia is allowed to use only contact phone numbers that are shown at the domain register. Customer has to check that WHOIS service (e.g. whois.net) includes correct contact phone number related to the domain and the person answering to this number has the authority to say "yes" when Telia calls to the number and asks if Applicant is authorized to use the domain in server certificates. Note! Domain registrars have removed all telephone numbers from .com,.org and .net domains because of GDPR. Thus this method is not available with those domains.