Complete HTTP-01 challenges for ACME
Use the HTTP-01 challenge when you automate certificate issuance and renewal using an ACME client that controls the web server for the domain. The ACME client places a validation file on the web server and notifies DigiCert when the file is ready.
Important
Wildcard domains: The HTTP-01 challenge does not support wildcard domain validation. Use the DNS-01 challenge instead.
IP address validation: The HTTP-01 challenge does not support IP address validation.
For OV and EV certificates, prevalidate the IP address using HTTP practical demonstration and then use ACME.
For DV certificates, use the manual HTTP practical demonstration method.
Before you begin
Port 80 must be publicly accessible for DigiCert to retrieve the validation file
The ACME client must have permission to place files in the
/.well-known/acme-challenge/directory on the web serverThe ACME client must be configured with your DigiCert ACME directory URL and EAB credentials. See Create ACME credentials.
Complete the challenge
Configure the ACME client to request the HTTP-01 challenge type.
Initiate a certificate request through the ACME client for the domain.
Allow the ACME client to place the validation file in the
/.well-known/acme-challenge/directory on the web server.Allow the ACME client to notify DigiCert that the file is ready.
DigiCert validates the domain when it retrieves the validation file from the expected URL and confirms the random value. Certificate issuance proceeds after domain control validation is successful, organization validation is complete where applicable, and approval settings allow automated issuance.
What's next
Complete the DNS-01 challenge for ACME for environments where web server access is restricted or wildcard domain validation is required