Overview
Before a certificate can be issued, the Certificate Authority must verify your control of the domain name being secured.
This process is known as validation.
HTTP-01 Validation
HTTP-01 uses a temporary validation file that is served from your website.
Advantages
Widely supported
Straightforward for many web servers
Limitations
Requires web server access
Does not support wildcard certificates
DNS-01 Validation
DNS-01 uses DNS TXT records to prove control of a domain.
Advantages
Supports wildcard certificates
Supports fully automated deployments
Does not require web server access
Limitations
Requires DNS access
May require DNS automation capabilities
Validation Method Comparison
Feature | HTTP-01 | DNS-01 |
Wildcard Support | No | Yes |
Requires Web Access | Yes | No |
Requires DNS Access | No | Yes |
Automation Support | Yes | Yes |
Recommended Method | Limited Cases | Most Deployments |
Recommendation
For most customers, DNS-01 validation is the recommended approach because it offers the greatest flexibility and supports fully automated certificate management.