Techly NewsGet the app

Get the latest tech news

DigiCert Revocation Incident (CNAME Domain Validation)


will be revoking certificates that did not have proper Domain Control Verification (DCV). Before issuing a certificate to a customer, DigiCert validates the customer’s control or ownership over the domain name for which they are requesting a certificate using one of several methods approved by the CA/Browser Forum (CABF).

Failing to include the underscore is considered a security risk because there is potential for a collision between an actual domain and the subdomain used for verification. As a result, domain validations that used this method where customers did not add the underscore prefix were non-compliant. We apologize if this causes a business disruption to you and are standing by to assist you with validating your domain and issuing replacement certificates immediately.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of domain validation

domain validation

« Blood test for colon cancer screening approved by US regulators
Mike McQuaid on 15 Years of Homebrew and Protecting Open-Source Maintainers »