# Domain Validation (DV) Certificate Purchase and Issuance Process

Summary of the process: Purchase a new certificate -> Complete the information -> Domain validation (DNS/File validation) -> Validation is successful -> Issue/Wait for the certificate to be issued

Please note: After the validation has passed (manual checking is recommended), you only need to wait for the certificate to be issued. DV certificates are auto-issued by system checks and there may be cases where they are not issued; if not issued within 24 hours, please purchase OV/EV certificates.


## Step 1: Purchase a new certificate

ucloud homepage -> console -> all -> certificate management USSL -> buy certificate

<!-- image-todo -->

<!-- image-todo -->

<!-- image-todo -->

For more details, please refer to the [Purchase Certificate](/docs/ussl/operate/buy) guide.

## Step 2: Complete the information

   After purchasing, you will see that a certificate has been generated without any information, click [Complete Information] to fill in and submit the content.

<!-- image-todo -->

For detailed content, see [Complete Information](/docs/ussl/operate/complete) guide.

## Step 3: Domain ownership verification

**The verification button tool is only a tool to assist customers with verification and not the basis for final certificate issuance**

**Whether the customer's parsing configuration is correct can be confirmed with manual resolution; if the resolution value can be obtained, wait for issuance; if not issued after 24 hours, please purchase a paid certificate.**

### Domain Verification Method One: DNS Resolution Verification

**1, Click the verification button**

<!-- image-todo -->

**2, Get verification information**

<!-- image-todo -->

**3, Fill in the verification information**

Add a new domain resolution at the DNS service provider (such as DNSPOD), as shown below:

<!-- image-todo -->

**4, Verification of resolution**

#### Manual Resolution
    
Use your local client shell command to verify whether the resolution you added is correct, nslookup -q=CNAME record.domainname

<!-- image-todo -->

For orders using txt verification to revoke certificates, use command nslookup -q=TXT host record.domainname
   


### Domain Verification Method Two: File Verification (Related to the server's own security configuration, easily causing verification mismatches)



1, According to the verification path, create a text file with file name and input file content, the end of the file content cannot have a return or new line character

2, Ensure that the file name path is consistent with the verification, and missing parts can be completed by oneself


3, Record value verification, access <https://domain+/.well-known/pki-validation/+file name> or <http://domain+/.well-known/pki-validation/+file name>; if the corresponding txt value is obtained, it indicates that file parsing has been added successfully


**Example:** 

The domain is console.scloudsg.com; access: <https://console.scloudsg.com/.well-known/pki-validation/file name> If you get the file content, the verification is successful

<!-- image-todo -->


## Step 4: Certificate Issuance

Wait for about 10 minutes, then refresh the console, and when the status changes to "Issued", the operation and the appearance of the [Download] button means you can download and use the certificate.

If there are problems with the DV certificate validation, you can self-check the reasons using [Tools](/docs/ussl/faq/dv).

## Step 5: Download Certificate & Deployment

Once the certificate is downloaded from the console, you can deploy the certificate on your own server, for certificate deployment, please refer to the [User Manual](/ussl/install).