Cloudflare Docs
Visit SSL/TLS on GitHub
Set theme to dark (⇧+D)

Domain Control Validation (DCV) — SSL/TLS

Before a Certificate Authority will issue a certificate for a domain, the requestor must prove they have control over that domain. This process is known as domain control validation (DCV).

​​ Who needs to perform DCV

If your application is on a partial/CNAME DNS setup — meaning that someone else runs your authoritative nameservers — you may need to perform DCV.

Performing DCV gives you more control over the valdiation method, as well as ensuring that your application does not experience any downtime.

​​ DCV exceptions

If your domain is on a full setup, Cloudflare handles DCV automatically on your behalf using a TXT record. For more details, refer to Enabling Universal SSL.

If your domain is using a custom certificate, you need to handle DCV on your own when you obtain certificates from a CA.

​​ Perform DCV

For more details about performing DCV and each DCV method, refer to DCV methods.