Search our site for answers
Help Docs Security Overview SSL Certificates Guide Verify an SSL Certificate

Verify an SSL Certificate

When setting up SSL for your site, you must verify your ownership. This article guides you through the verification process.
Domain
5 min read

Introduction

After you have generated a CSR and ordered your SSL, there is one final security hurdle before the Certificate Authority (CA) will issue your files: Verification. Until you complete this step, your SSL order will remain in a “Pending” state, preventing you from installing your certificate.

Also known as Domain Control Validation (DCV), this step allows the Certificate Authority (CA) to confirm that you actually own or control the domain name listed in your order. This prevents unauthorized parties from purchasing certificates for domains they do not own.

This guide covers three methods used to prove ownership: Automatic with a Liquid Web SSL & DNS Zone, DNS records, and Meta-tag.

You must verify within 30 days
There is a 30 day limit to perform domain verification for your SSL Certificate. If it is not verified within 30 days, the certificate order must be cancelled and reordered. This applies to email, DNS, and meta tag verification methods.

Prerequisites

  • A pending SSL Certificate order (you must have already generated a CSR and submitted your order).
  • Access to your Liquid Web or SSL vendor dashboard to retrieve the validation records.
  • For DNS Verification: Administrative access to your domain’s DNS Zone (e.g., Liquid Web, Cloudflare, or another provider like GoDaddy).
  • For Meta-tag Verification: Administrative access to your website’s server or control panel (like cPanel or Plesk) to use the File Manager.

Step-by-Step Instructions

Automatic with Liquid Web

If you are hosting your domain with Liquid Web, your verification will be automatically applied. That was easy!

DNS

Verifying by DNS involves adding a TXT record to your DNS records. Only the website administrator should have to access the domain’s DNS records, so the SSL issuers consider it a legitimate verification method.

  1. Navigate to your SSL vendor and locate the DNS verification TXT record. Learn more about DNS management here.
  2. Go to the DNS zone for your domain. More information on locating your DNS Zone can be found here.
  3. Add the TXT record to your DNS zone and save.
  4. Once you’ve uploaded or created your file, click Verify in your SSL Dashboard.

Meta-tag

  1. On your SSL Dashboard, find the SSL you are verifying and click the domain name.
  2. In the Verification section, click the drop down menu and choose Meta Tag.
  3. This will create a new entry on the page labeled Meta Tag.
  4. Create a new page with this file path and paste the meta tag within the .well-known folder of your domain’s public_html folder.
    example.com/.well-known/pki-validation/gsdv.txt
Easily create a new file via a File Manager
It’s easy to create this file in a text editor and then upload it using your file manager:

  1. Once you’ve uploaded or created your file, click Verify in your SSL Dashboard.

Next Steps

Congratulations! Once you click “Verify” and the Certificate Authority confirms your domain ownership, your SSL certificate will be issued. However, your website isn’t fully secured just yet.

You must complete the final stage of the workflow to activate your encryption:

  • Install the SSL on your server: Download the issued certificate files from your dashboard and install them on your web server (via cPanel, Plesk, or command line) to finalize your security setup.

Frequently Asked Questions (FAQ)

You have a strict 30-day window to complete the domain control validation (DCV). If you do not verify the domain within 30 days of ordering, the Certificate Authority will drop the request. You will need to cancel the original order and submit a brand new one.

The automatic method only works if your domain’s authoritative DNS is pointed to and managed by Liquid Web. If you are using a third-party nameserver like Cloudflare or GoDaddy, the system cannot automatically add the record for you. You will need to use the manual DNS or Meta-tag method instead.

After you add the TXT record to your DNS zone, it can take a little bit of time for the change to propagate across the global internet. While it is often instant, it can sometimes take up to a few hours. If the verification fails immediately, wait 15-30 minutes and try clicking “Verify” again.

While some dashboards label this option “Meta Tag,” the actual method being used here is known as HTTP File-based validation. You do not need to edit your website’s HTML code. Instead, you simply create a text file (named gsdv.txt) containing your verification code and upload it to the hidden /.well-known/pki-validation/ directory on your server using your File Manager.

Was this article helpful?