Why Domain Validation Must Be Repeated More Frequently After SC081 Changes

Domain Control Validation, or DCV, must now be repeated more frequently due to changes introduced by the CA/Browser Forum SC081 ballot. This article explains what changed, how it affects certificate issuance, and what actions are required to prevent validation-related delays.

When to Use This Article

• You received a notice that your domain validation is expiring sooner than expected.
• You want to understand why DCV must be repeated more frequently.
• Certificate issuance is delayed due to expired domain validation.
• You want to proactively manage domain validation to avoid interruptions.

What Changed

The CA/Browser Forum reduced the allowed reuse period for domain validation from 397 days to 199 days. This change was introduced through ballot SC081 and applies to all certificate authorities that follow industry standards.

As a result, previously validated domains may now expire sooner than expected, and domain ownership must be revalidated more frequently to continue issuing certificates without interruption.

How This Affects Certificate Issuance

Certificate authorities require valid domain control validation before issuing certificates. If the validation for a domain has expired, certificate issuance will be blocked until the domain is successfully revalidated.

This can introduce delays in environments that depend on immediate or automated certificate issuance, especially if validation status is not monitored in advance.

What You Should Do

1. Sign in to your CertCentral account.
2. Navigate to Certificates and select Domains.
3. Locate domains with upcoming or expired validation dates.
4. Open the domain details page for each domain that requires revalidation.
5. Select a domain control validation method, such as DNS TXT validation.
6. Follow the instructions to complete validation and submit the request.

How to Check Validation Status

CertCentral displays validation expiration information for each domain. Review the validation expiration date to determine whether revalidation is required.

If validation is close to expiring or has already expired, initiate revalidation as soon as possible to avoid delays in certificate issuance.

Important Notes

• Domain validation must now be repeated approximately every 199 days.
• Expired validation prevents certificate issuance until revalidation is completed.
• Automated DNS-based validation may reduce manual effort if properly configured.
• Monitoring validation expiration dates helps prevent unexpected service impact.

Related Articles

• How to Check Whether the UltraDNS and CertCentral Integration Is Working for Automatic DCV Revalidation
• How to Complete Domain Control Validation Using a TXT Record
• Why DCV TXT Record Validation Fails in UltraDNS