Place the file on the correct domain

Place the validation file on the fully qualified domain name (FQDN) being validated. The exact domain for which DigiCert generated the URL. DigiCert does not look at a different domain or subdomain to find the random value.

For example, if you need yourdomain.com validated, DigiCert generates this URL:

http://yourdomain.com/.well-known/pki-validation/fileauth.txt

Do not place the .txt file on sub.yourdomain.com or on a different domain. DigiCert cannot find the file on these domains.

Do not modify the URL

If you modify the URL, DigiCert cannot find the .txt file. Do not:

Add www to the URL:

http://www.yourdomain.com/.well-known/pki-validation/fileauth.txt

Capitalise a letter that is not capitalised in the original URL, such as pki:
```
http://yourdomain.com/.well-known/PKI-validation/fileauth.txt
```
Change or omit any part of the path

www.[your-domain] and [your-domain]

To validate both www.yourdomain.com and yourdomain.com, validate each separately. Validating one does not validate the other.

As of November 16, 2021, the HTTP Practical Demonstration DCV method validates FQDNs exactly as named. Learn more about domain validation policy changes.

Free base domain SAN

If your TLS certificate includes a free base domain SAN, place the .txt file on the base domain. DigiCert validates the domain on the certificate order.

Validate each domain and subdomain separately.

What's next

Use the correct directory structure

In this section: