DV SSL: Check DCV

  3 minute read  

PUT https://www.digicert.com/services/v2/order/certificate/{{order_id}}/check-dcv
Use this endpoint to check the domain control validation (DCV) for a pending TLS/SSL certificate order with a domain control validation (DCV) method of dns-txt-token, dns-cname-token, or http-token.

Response format

The response format depends on the DCV method and validation status of the checked domains.

DNS TXT and DNS CNAME

When the DCV method is DNS TXT (dns-txt-token) or DNS CNAME (dns-cname-token), the API returns JSON data with a list of dns_name_validations for each checked domain.

  • If you check DCV for the entire order (default), the API returns JSON data with a list of dns_name_validations for each domain that was submitted for validation.
  • If you use the dns_names_validations request parameter to check DCV for a subset of domains, the API returns JSON data with a list of dns_name_validations only for the checked domains.

HTTP Practical Demonstration

When the DCV method is HTTP Practical Demonstration (http-token), the API returns a 400 error if DigiCert cannot find the random value at the expected location for one or more checked domains.

Check DCV for all domains or subsetDigiCert finds token for all checked domainsDigiCert does not find tokens for one or more checked domains
All domains (default)API returns JSON data with list of dns_name_validations for each domain on the order.400 error: file_random_value_not_found
Subset of domains (dns_name_validations request parameter)API returns JSON data with list of dns_name_validations for each domain in the request:
Note: If all domains are approved after you submit your request, the order_status returns issued instead of pending.		400 error: file_random_value_not_found

Example requests and responses

curl --request PUT 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/check-dcv' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json'
curl --request PUT 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/check-dcv' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
  "dns_name_validations": [
    {
      "dns_name": "example.com",
      "dcv_method": "dns-txt-token"
    }
  ]
}'
{
  "order_status": "issued",
  "certificate_id": 249076999,
  "dcv_status": "valid",
  "dns_name_validations": [
    {
      "dns_name": "sub1.example.com",
      "status": "approved"
    },
    {
      "dns_name": "sub2.example.com",
      "status": "approved"
    }
    {
      "dns_name": "sub3.example.com",
      "status": "approved"
    }
  ]
}
{
  "errors": [
    {
      "code": "file_random_value_not_found",
      "message": "Could not find the random value at the expected file location for one or more domains."
    }
  ]
}
{
  "errors": [
    {
      "code": "invalid_dns_txt",
      "message": "Could not find a valid TXT record for one or more domains."
    }
  ]
}

Path parameters

NameReq/OptDescription
order_idrequiredID of the order to check. To check DCV, order status must be pending.

Request parameters

NameTypeReq/OptDescription
dns_name_validationsarray of objectsoptionalList of objects that specifies a subset of domains to check. Each object must include dns_name and dcv_method key/value pairs. If you omit this list, the API checks DCV for all domains you need to validate before DigiCert can issue the certificate.
.. dns_namestringrequiredDomain name.
.. dcv_methodstringrequiredDCV method.

Response parameters

NameTypeDescription
order_statusstringOrder status.
Possible values:
certificate_idintegerCertificate ID.
dcv_statusstringOrder DCV status.
Possible values:
dns_name_validationsarray of objectsList of objects with DCV approval status for each checked domain.
.. dns_namestringDomain name.
.. statusstringDCV approval status.
Possible values:approved or unapproved