Embedded Files
Getting an SSL certificate isn't just about buying one—the certificate authority needs proof that you actually own the domain. Usually, this happens through file validation: you upload a specific file to your server, the CA checks it, and you're done. Simple enough.
But what if your setup isn't that straightforward? Maybe you're running multiple servers behind a load balancer, or your server isn't even online yet. That's where DNS validation comes in handy.
When File Validation Won't Cut It
When File Validation Won't Cut It
AutoInstall SSL defaults to file validation because it's the quickest path from request to certificate. The tool drops a verification file on your server, the certificate authority confirms it's there, and your SSL certificate gets issued.
The problem? This only works if your server is accessible to the outside world and you have direct file system access. If you're dealing with a distributed infrastructure or a server that's still in setup mode, file validation becomes a headache.
DNS validation sidesteps these issues entirely. Instead of checking for a file on your server, the certificate authority looks for a specific DNS record. As long as you control the DNS zone for your domain, you can complete validation—no server access required.
How AutoInstall SSL Handles DNS Validation
How AutoInstall SSL Handles DNS Validation
The good news: AutoInstall SSL integrates directly with popular DNS providers to automate the entire process. You don't need to manually create DNS records or wait around checking if they've propagated.
Not sure who manages your DNS? Run a nameserver lookup at dnschecker.org/ns-lookup.php to find out.
Once you know your DNS provider, you'll need API credentials from them. AutoInstall SSL uses these to automatically create the validation records, wait for the certificate authority to verify them, and clean everything up afterward.
Managing DNS records manually can be error-prone, especially when you're juggling multiple domains or need fast certificate renewals. 👉 DNS Made Easy's API makes automated SSL validation straightforward and reliable, letting you skip the tedious back-and-forth of manual record updates.
Setting Up DNS Validation With Cloudflare
Setting Up DNS Validation With Cloudflare
If you're using Cloudflare, you'll need an API token with the right permissions. Here's the command structure:
Windows:
AutoInstallSSL.exe installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider cloudflare --cloudflareapitoken [APIToken]
Linux:
sudo runautoinstallssl.sh installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider cloudflare --cloudflareapitoken [APIToken]
To get your API token, head to your Cloudflare profile page and click API Tokens. Create a new token using the "Edit zone DNS" template, set Zone Resources to "All zones," and add the User + User Details + Read permission. This lets AutoInstall SSL figure out which zone to use for your domain or subdomain.
GoDaddy DNS Validation Setup
GoDaddy DNS Validation Setup
One catch with GoDaddy: they only enable API access for accounts that meet certain thresholds. If your account qualifies, the setup is straightforward.
Windows:
AutoInstallSSL.exe installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider godaddy --apikey [APIKey] --apisecret [APISecret]
Linux:
sudo runautoinstallssl.sh installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider godaddy --apikey [APIKey] --apisecret [APISecret]
Generate your API credentials at developer.godaddy.com/keys. You'll get both an API key and secret—keep these somewhere safe since you'll need them for every validation request.
DNS Made Easy Integration
DNS Made Easy Integration
For DNS Made Easy users, the process requires both an API key and secret key from your account.
Windows:
AutoInstallSSL.exe installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider dnsmadeeasy --apikey [APIKey] --apisecret [APISecret]
Linux:
sudo runautoinstallssl.sh installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider dnsmadeeasy --apikey [APIKey] --apisecret [APISecret]
Log into your control panel at cp.dnsmadeeasy.com and navigate to Config > Account Information. You need to be the primary account user to view or generate API credentials. If you haven't created them yet, check the box for "Generate New API Credentials" and save.
When you're running automated SSL renewals across multiple domains, having 👉 a DNS provider with robust API support and fast propagation speeds can make the difference between seamless automation and troubleshooting certificate failures at 2 AM.
Microsoft Azure DNS Configuration
Microsoft Azure DNS Configuration
Azure DNS validation requires several identifiers from your Azure setup:
Windows:
AutoInstallSSL.exe installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider azure --azuretenantid [TenantId] --azureclientid [ClientID] --azuresecret [Secret] --azuresubscriptionid [SubscriptionID] --azureresourcegroupname [ResourceGroupName] --azurehostedzone [HostedZone]
Linux:
sudo runautoinstallssl.sh installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider azure --azuretenantid [TenantId] --azureclientid [ClientID] --azuresecret [Secret] --azuresubscriptionid [SubscriptionID] --azureresourcegroupname [ResourceGroupName] --azurehostedzone [HostedZone]
In Microsoft Entra ID, create a new app registration called "AutoInstall SSL" (you can leave the redirect URI blank). Then grant this application DNS Zone Contributor access to the subscription containing your domain's DNS zone.
AWS Route 53 Setup
AWS Route 53 Setup
Route 53 users need an access key ID and secret access key:
Windows:
AutoInstallSSL.exe installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider route53 --route53accesskeyid [AccessKeyID] --route53secretaccesskey [SecretAccessKey]
Linux:
sudo runautoinstallssl.sh installcertificate --token [AutoInstall SSL Token] --validationtype dns --validationprovider route53 --route53accesskeyid [AccessKeyID] --route53secretaccesskey [SecretAccessKey]
Get these from the AWS management console by clicking your profile name, selecting Security credentials, and creating a new access key. Make sure to download or save these credentials immediately—AWS won't show them again.
What Happens If Your Credentials Change
What Happens If Your Credentials Change
DNS providers occasionally rotate API credentials for security reasons, or you might need to update them manually. AutoInstall SSL lets you update stored credentials without reconfiguring your entire setup. Just run the same command with your new credentials, and the tool will use them for future validations.
The key advantage of DNS validation is flexibility. Whether you're managing a complex infrastructure or just need to get an SSL certificate on a server that's not quite ready for the world, this method keeps things moving without compromising security.
Page updated
Google Sites
Report abuse