Skip to main content

Validate a domain using the HTTP Practical Demonstration DCV method

Add a domain to CertCentral and validate it using the HTTP Practical Demonstration domain control validation (DCV) method.

Add a domain to CertCentral. Then, host a file containing a DigiCert-generated random value at a predetermined location on your website (http://{domain-name}/.well-known/pki-validation/fileauth.txt) to demonstrate control over it.

When done creating the file and placing it on your site, DigiCert goes to the specified URL to confirm the presence of the random value. Make sure to avoid the common mistakes when using the HTTP practical demonstration DCV methods.

Items to note about using the HTTP Practical Demonstration DCV method

  • Validate a single FQDN

    Use the HTTP Practical Demonstration DCV method to validate a fully qualified domain name (FQDN) exactly as named. Use another supported DCV methods, such as email, DNS TXT, and CNAME, to validate entire domains, subdomains, and wildcard domains (*.example.com).

    To learn more, go to Domain Validation Policy Changes.

  • Validating IPv4 and IPv6 address

    Per industry regulations, you must use the HTTP Practical Demonstration DCV method to demonstrate control over IPv4 and IPv6 addresses.

Acronyms in this article: Domain Name System (DNS), organization validation (OV), extended validation (EV), Transport Security Layer (TLS)

Before you begin

When you add a domain to your account, you must assign the domain to an organization in your account. However, before assigning a domain to it, you must first add the organization to your account. See Add an organization to your CertCentral account.

Also, if you want the domain used for OV, EV, or Private TLS certificates, submit its organization for prevalidation and include those matching validation types. See Submit an organization for pre-validation.

Step I: Add a domain and select HTTP Practical Demonstration as the DCV method

  1. In CertCentral , in the left main menu, go to Certificates > Domains.

    For CertCentral Subscription accounts, in the left menu, go to Validation > Domains.

  2. On the Domains page, select New Domain.

  3. On the New Domain page, under Domain Details, enter the following domain information:

    • Domain name

      Enter the domain you want to prevalidate.

    • Organization

      In the dropdown, select the organization you want to assign the domain to.

  4. Under Domain Control Validation (DCV) method, select HTTP Practical Demonstration.

  5. When ready, select Submit for validation.

Step II: Use HTTP Practical Demonstration to demonstrate control over the domain

  1. On the domain's details page, in the Domain control validation (DCV) method section under User actions, do the following:

    1. Create your .txt file and add the DigiCert-provided random value.

      1. Open a text editor (for example, Notepad).

      2. In the Your unique verification token box, copy your token and enter the random value in text editor.

        The random value expires after 30 days.

      3. Save the .txt file under this name: fileauth.txt.

    2. Create the .well-known/pki-validation/ directory on your site.

      For Windows-based servers, create the .well-known folder via command line (mkdir .well-known).

  2. Place the fileauth.txt file on your site under .well-known/pki-validation.

    The URL should look something like this:

    http://[your-domain]/.well-known/pki-validation/fileauth.txt

  3. Finish the domain validation.

    1. In CertCentral , in the left menu, go to Certificates > Domains.

      For CertCentral Subscription accounts, in the left menu, go to Validation > Domains.

    2. On the Domains page, in the Domain name column, select the domain link.

    3. On the domain's details page, in the Domain control validation (DCV) method section under User actions select Check HTTP Token.

In this section: