Help Center> Cloud Certificate & Manager> FAQs> Verification of the Domain Name Ownership - SCM> Why Does the SSL Certificate Remain in the Pending Domain Name Verification State After Domain Name Verification Completes?

Why Does the SSL Certificate Remain in the Pending Domain Name Verification State After Domain Name Verification Completes?

If domain name verification is complete but the certificate remains in the Pending domain name verification state, perform the following steps:

Check whether the ownership of the domain name for which the certificate is used is verified.
- If domain ownership is verified, go to 2.
- If domain ownership has not been verified, go to your domain name service provider to complete the verification.
Check whether the domain name verification has been completed.
- If you have completed domain name verification, go to 3.
- If you have not completed domain ownership verification and organization verification, perform operations as prompted.
  For details, see Verify the Domain Ownership.
Check whether the domain name verification takes effect.
For details, see How Do I Check Whether Domain Name Verification Takes Effect?.
- If domain name verification takes effect, go to 4.
- If the verification still does not take effect, perform the required operations in What Can I Do If Domain Ownership Verification Does Not Take Effect?
For details about how to make the verification take effect, see DNS Verification Configuration Does Not Take Effect.
The review may take a while.
After the verification is complete, additional time is required for the CA to verify your domain name. During this period, the certificate is in the Pending domain name verification state.

If you have verified the domain name, the CA will take 2 to 3 working days to verify your information. The certificate state changes only after the CA verifies the certificate.

Locate the failure cause and fix the issue by referring to the following table.

**Table 1** Possible causes
Possible Cause	Procedure
The record configuration is incorrect.	Check whether the Name or Type is correct. The following uses the DNS configuration on HUAWEI CLOUD as an example: Figure 1 Adding a record The returned host record varies depending on the domain name service provider. The following are two examples: Example: If the host record returned by the domain name service provider is _dnsauth.www.huawei.com, set Name to _dnsauth. If the host record returned by the domain name service provider is www.huawei.com, leave Name empty. NOTICE: Check whether full domain names are supported. If not, delete the suffix of the root domain name.
It requires a long period of time for the configuration to take effect.	Check whether the effective time (TTL) is too long. It is recommended that you set the TTL to 5 minutes. This value varies depending on the DNS service provider. In HUAWEI CLOUD DNS, the default value is 5 minutes, so the configuration takes effect within 5 minutes by default. If the configured effective time does not arrive, verify after the time is right. Figure 2 Setting TTL

Parent topic: Verification of the Domain Name Ownership - SCM

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Help Center