Help Center/ Cloud Certificate Manager/ FAQs/ Domain Name Ownership Verification/ What Can I Do If Domain Ownership Verification Does Not Take Effect?
Updated on 2024-09-18 GMT+08:00

What Can I Do If Domain Ownership Verification Does Not Take Effect?

If you have completed domain name verification but the configuration does not take effect, perform the operations described in this section.

Procedure

Prerequisites

Configuration Does Not Take Effect After DNS Verification

Locate the failure cause and fix the issue by referring to the following table.

Table 1 Possible causes

Possible Cause

Procedure

A wrong domain name management platform was selected.

DNS verification can be performed only on the platform where your domain name is hosted. Check whether the platform you select is the right one.

The old record set is not deleted.

The record added can be deleted once the current certificate is issued.

If the record added for the previous certificate is not deleted, the record added for the current certificate will not take effect. Check whether the record added last time is deleted.

The record configuration is incorrect.

Check settings of Host Record, Type or Value.

Figure 1 Adding a record

It requires a long period of time for the configuration to take effect.

Check whether the effective time (TTL) is too long. It is recommended that you set the TTL to 5 minutes. This value varies depending on the DNS service provider. In our DNS platform, the default value is 5 minutes, so the configuration takes effect in 5 minutes by default.

If the configured effective time does not arrive, verify after the time is right.

Figure 2 Setting TTL

Configuration Does Not Take Effect After File Verification

If the DNS verification configuration does not take effect, perform the following checks:
  • If the record value displayed on the page is the same as that displayed on the domain name verification page of the SCM console or in the email, the configuration of domain name verification has taken effect.
  • If they are different, the configuration of domain name verification does not take effect.
    If the configuration does not take effect, check and handle the issue from the following aspects:
    • Check whether the verification URL address exists in HTTPS accessible addresses. If yes, use HTTPS to re-access the URL address in the browser. If the browser displays a message indicating that the certificate is untrusted or the displayed content is incorrect, disable the HTTPS service for the domain name temporarily.
    • Ensure that the verification URL address can be accessed at any place. Detection servers of some CAs are located outside China. Check whether your site has images outside China or whether the smart DNS service is used.
    • Check whether the verification URL address contains 301 or 302 redirection. If such redirection exists, cancel the related settings to disable the redirection.

      You can run the wget -S URL address command to check whether the verification URL address is redirected.