Skip to main content

Add a domain, authorize the domain for certificates, and use HTTP practical demonstration as the validation method

Demonstrate control over your domain with HTTP practical demonstration

Demonstrate control over your domain by hosting a .txt file containing a random value at a predetermined location on your website.

Once the file is created and placed on your site, DigiCert visits the specified URL to confirm the presence of your unique random value. Make sure to avoid the Common mistakes: HTTP practical demonstration DCV method.

Before you begin

Before you can prevalidate a domain for SSL/TLS certificate validation, you must first submit its organization for prevalidation. Additionally, if you want the domain to be used for OV, EV, and/or Private SSL certificates, you must submit its organization for those matching validation types.

Step I: Add and authorize a domain for SSL/TLS certificate

  1. In your CertCentral account, in the left main menu, go to Certificates> Domains.

  2. On the Domains page, select New Domain.

  3. On the New Domain page, under Domain Details, enter the following domain information:

    • Domain Name

      Enter the domain name the certificates will secure.

    • Organization

      In the dropdown, select the organization you want to assign the domain to.

  4. Under Domain Control Validation (DCV) Method, select HTTP Practical Demonstration.

  5. When you are finished, select Submit for Validation.

Step II: Use HTTP practical demonstration to demonstrate control over the domain

  1. Create your .txt file:

    1. Under User Actions, in the Your unique verification token box, copy your verification token.

      Note: The unique verification token expires after 30 days. To generate a new token, click the Generate New Token link.

    2. Open a text editor (such as Notepad) and paste in Your unique verification token.

    3. Save the .txt file under this name: fileauth.txt.

  2. Create the .well-known/pki-validation/ directory on your site.


    For Windows-based servers, the .well-known folder must be created via command line (mkdir .well-known).

  3. Place the fileauth.txt file on your site under .well-known/pki-validation.

    The URL should look something like this:


  4. Verify the HTTP token

    1. In your CertCentral account, in the left main menu, go to Certificates > Domains.

    2. On the Domains page, in the Domain Name column, select the domain link.

    3. On the domain details page (e.g.,, at the bottom of the page, select Check HTTP Token.