Tuesday, December 21, 2010

GoDaddy SSL Certificate Approval with TXT Records

I had a bit of an issue with Go Daddy yesterday in that they took 5 days to approve a Subject Alternative Name change to a certificate, and as the usual route of adding a file to a website was unavailable to me I decided to prove ownership of the domain by the addition of a new TXT record to the domain.

Go Daddy’s instructions for doing this are only suitable for domains hosted at Go Daddy and there are no clear instructions for doing this if you do not use Go Daddy for your DNS hosting.

So how do you create an SSL approval with TXT record? You do it by creating a TXT record for a subzone. The subzone is DZC and the value of the record is the seven character string that Go Daddy sent you via email. For example dzc.domain.co.uk TXT AbCdEfG.

Once DNS has replicated to ALL of your DNS servers you can return to Go Daddy’s web form and approve your SSL certificate. You can check if all your DNS servers have your new data by using NSLookup or Dig, but preferred is the use of either of these two tools from an independent third party on the internet – for example www.kloth.net/services/nslookup.php or www.dnssy.com/lookup.php.

11 comments:

ssl247.com said...

I've been having a few problems too with GoDaddy, thanks for the tip on how to create an SSL approval with a TXT record. It seems to have sorted the problem out!

Anonymous said...

When I've had to go the TXT record route with GoDaddy, I've found if you call them they will speed up this process considerably. Also since the DNS servers are managed by GoDaddy, once the new TXT record is added there, the time for it to be verified is very short ...as in hours not days.

Graeme said...

Thanks, I was struggling to figure out just how they wanted this record to look. Your post cleared it up perfectly.

bestgknotes143 said...

Hi...Nice blog. Really very interesting....!!!

godaddy ssl

Jarrod said...

this is ridiculous, that even after all these years, their manual verification instructions still don't spell it out as plainly as this!

Thanks!

kevin coper said...

Hello this is very good article, by the way, here i have written an
article about bluehost web hosting, Bluehost is the leading hosting
company in the industry, want to read the read the full review so read
the bluehost woocommerce review thanks

Anonymous said...

Hello guys, thank you for your help in advance,
How to get the seven character string that Go Daddy sent via email? because i don't have them.

jodler303 said...

If you have got issues with TXT records, you can also try PositiveSSL instead ... SECTIGO (the vendor) is allowing CNAME DNS validation. Never had troubles with it!

Maria John said...
This comment has been removed by the author.
erectile said...

Its such as you learn my mind! You appear to know a lot approximately this, like you wrote the guide in it or something. I feel that you just could do with a few p.c. to pressure the message home a little bit, however instead of that, that is great blog. A fantastic read. I'll certainly be back.

alex said...

Great share !! amazing content, I liked your blog very much. I would like to mention a site selling best SSL Certificates online Online SSL Certificate Provider https://www.acetechnology.co.in/ssl-certificates/