The “unique value” (or “unique token”) referred to in SSL.com’s domain validation (DV) documentation is used for compliance with Section 188.8.131.52 (Validation of Domain Authorization or Control) of the CA/Browser Forum’s Baseline Requirements. These requirements stipulate that a “Request Token or Random Value” appear in a file stored in a particular directory of the website that is to be protected by an SSL/TLS certificate (normally
/.well-known/pki-validation/), or as part of a DNS record for the domain name to be validated, serving to ensure the uniqueness of the request.
When performing domain validation in SSL.com’s online portal, a random value will made available to the user for this purpose, along with a pre-formatted text file and DNS record for use with the HTTP/HTTPS file lookup and DNS CNAME lookup methods. Please refer to SSL.com’s DV requirements documentation for full details of the available DV methods.
If you are using SSL.com’s SWS API to perform domain validation, you may specify a unique value via the optional
unique_value parameter in your request. If you do not supply the unique value via the API, a random value will be automatically generated for you. For complete information, please refer to our API documentation.
The HTTP/HTTPS file lookup and DNS CNAME lookup DV methods both require a unique value that is either generated randomly by SSL.com, or supplied by the user via the SWS API. The Email Challenge Response method also requires a random value for validation, which is supplied by SSL.com in the validation email message.
The unique value is required at the time that domain control is validated. Therefore, if you add a new domain name when reprocessing a multi-domain certificate and wish to use the DNS CNAME lookup or HTTP/HTTPS file lookup validation method, you will need to create a new CNAME or validation file, with a new unique value.
If you have prevalidated a domain name via the CNAME or File Lookup methods, a new DNS record or file with a new unique value is not required when ordering a certificate for it.