Score:0

What was the reason for dns validation?

cn flag

I got a certificate from AWS and did dns validation in the process of https communication. But I'm not sure why you are doing that verification. To use the domain, I got a domain from a hosting company and registered it on route53. Isn't this process itself dns validation? I want to know the effect of dns validation, and I want to know what happens when dns validation is not done.

thank you.

cn flag
`I want to know what happens when dns validation is not done.` A certificate will not be issued.
Oscar De León avatar
la flag
Perhaps the phrase is a bit confusing. You're not validating your DNS domain; you're using your DNS server as proof that you own that domain to validate the certificate. This is done so someone else can't create a "valid" certificate for your domain, for example.
Score:3
jp flag

From AWS Option 1: DNS validation:

When you choose DNS validation, ACM provides you with one or more CNAME records that must be added to this database. These records contain a unique key-value pair that serves as proof that you control the domain.

With shared infrastructure, the domains of multiple customers may point to the same IP address(es). Therefore, this alone cannot be held as proof of control for any specific customer. That is probably why these records has to be unique key-value pairs.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.