In accordance with the changes made by Comodo for DCV validation methods, Openprovider has updated returned values for the API method retrieveOrderSslCertRequest.
The structure of the parameter additional data is now as follows:
3eeb773a542f247c99348292612eb545 bbf760aa34f34dcaeb01a9bc1c8ee729a2cbd6f1198d16a4d6eb6c2e6ca396c6 bbf760aa34f34dcaeb01a9bc1c8ee729a2cbd6f1198d16a4d6eb6c2e6ca396c6 example.com/.well-known/pki-validation/3EEB773A542F247C99348292612EB545.txt bbf760aa34f34dcaeb01a9bc1c8ee729a2cbd6f1198d16a4d6eb6c2e6ca396c6.comodoca.com _3eeb773a542f247c99348292612eb545.openprovider.com bbf760aa34f34dcaeb01a9bc1c8ee729.a2cbd6f1198d16a4d6eb6c2e6ca396c6.comodoca.com
This API update consists of three new fields that have been added:
- sha256, fileLocation and fileContents, for HTTP(s) validation.
- dnsrecord and dnsValue for DNS type of validation.
For these cases when you use a previously used CSR for a reissue, renewal or new order, Comodo will add a unique value to the file contents or the DNS record. They do this to prevent that the old one is re-used without knowing. You can see example for a DNS record in such a case below:
_c7fbc2039e400c8ef74129ec7db1842c.example.com CNAME c9c863405fe7675a3988b97664ea6baf.442019e4e52fa335f406f7c5f26cf14f..comodoca.com
This is why we highly recommend you to use values returned in the new fields fileContents and dnsValue, instead of generating values for DCV validation on your side.
We hope everything is clear! Do you have any questions about our API update at Openprovider or about DCV validation in general? Our support team is happy to assist you with any of your queries! You can contact them through this page, or consult our Knowledge Base first. We strive to answer all questions as quickly as possible.