DCV Management

Overview

Domain Control Validation (DCV) is the process by which a Certificate Authority (CA) verifies that an entity requesting an SSL/TLS certificate legitimately controls the domain for which the certificate is being requested. Without DCV, there is no assurance that the certificate request originates from an authorized owner, leaving organizations open to impersonation and man-in-the-middle attacks.

Recent policy updates from the CA/Browser Forum have shortened the validity of SSL/TLS certificates, emphasizing the need for continuous validation and automation. As certificate lifecycles shrink, the duration for which DCV remains valid also decreases, increasing the operational burden on IT and security teams to keep domains validated at all times.

AppViewX DCV Automation

AppViewX introduces a comprehensive Domain Control Validation Automation Framework, seamlessly integrated with its Certificate Lifecycle Management (CLM) platform. This feature enables customers to discover, manage, validate, and auto-renew domain validations across multiple CAs and DNS providers all from a single, unified interface.

Domain Discovery and Inventory
- Discovers all approved domains associated with CAs managed in AppViewX.
  Note: The supported CAs for DCV domain discovery are DigiCert, Sectigo, GlobalSign MSSL, GlobalSign Atlas, and SwissSign.
- Maintains a centralized inventory of domains within AppViewX for visibility and management.
Lifecycle Tracking
- Tracks the validation expiry of each domain in accordance with the respective CA’s policy.
Automated Renewal
- Supports auto-renewal of domain validations a specified number (X) of days before expiry.
- Provides granular configuration options for administrators to define renewal strategies per domain.
Add and Validate New Domains
- Allows users to add and validate new domains directly from AppViewX.
- Supports both HTTP-based and DNS-based (TXT and CNAME) validation methods.
- Email-based validation is not supported through AppViewX.