Cloudflare Docs
Visit SSL/TLS on GitHub
Set theme to dark (⇧+D)

Domain Control Validation (DCV) — SSL/TLS

Before a Certificate Authority will issue a certificate for a domain, the requestor must prove they have control over that domain. This process is known as domain control validation (DCV).

Who needs to perform DCV

If your application is on a partial/CNAME DNS setup — meaning that someone else runs your authoritative nameservers — you may need to perform DCV.

Performing DCV gives you more control over the valdiation method, as well as ensuring that your application does not experience any downtime.

DCV exceptions

If your domain is on a full setup, Cloudflare handles DCV automatically on your behalf using a TXT record. For more details, refer to Enabling Universal SSL.

If your domain is using a custom certificate, you need to handle DCV on your own when you obtain certificates from a CA.

Perform DCV

For more details about performing DCV and each DCV method, refer to DCV methods.