Skip to main content

Usa il metodo di convalida dimostrazione pratica HTTP per verificare il controllo sul dominio

Dimostra il controllo su un dominio sul tuo ordine di certificato TLS/SSL con la dimostrazione pratica HTTP

Use these instructions to demonstrate control over a domain by hosting a file containing a DigiCert-generated random value at a predetermined location on your website: http://{domain-name}/.well-known/pki-validation/fileauth.txt. For information about this and other DCV methods, see Domain control validation (DCV) methods.

When done creating the file and placing it on your site, DigiCert goes to the specified URL to confirm the presence of our random value. Make sure to avoid the common mistakes when using the HTTP practical demonstration DCV methods.

Before you begin

Items to note about using the HTTP Practical Demonstration DCV method

  • Validate fully qualified domain names (FQDNs)

    Use the HTTP Practical Demonstration DCV methods to demonstrate control over FQDNs exactly as named. To learn more, go to Domain Validation Policy Changes.

    Use one of the other supported DCV methods, such as email, DNS TXT, and CNAME, to:

    • Validate wildcard domains (*.example.com).

    • Include subdomains in the validation process while validating a higher-level domain.

      For example, if you want to cover www.example.com, mail.example.com, and one.example.com when validating the higher-level domain example.com.

  • Validate IPv4 and IPv6 addresses

    Per industry regulations, you must use the HTTP Practical Demonstration DCV method to demonstrate control over IPv4 and IPv6 addresses.

Acronyms in this article: organization validation (OV), extended validation (EV), Transport Security Layer (TLS), Domain Name System (DNS)

Validate domains before ordering certificates

Validating domains during the order process means certificates aren't issued until domain validation is done. For faster certificate issuance, validate domains before adding them to your OV and EV TLS certificate orders.

To learn more about this domain validation process, see Validate domains before ordering certificates for them.

Fase 1: Controlla lo stato del tuo ordine in sospeso

Vai alla pagina Dettagli ordine del certificato SSL/TLS per vedere quale convalida di dominio e di organizzazione deve essere completata prima di poter emettere il tuo certificato.

  1. Nel tuo account CertCentral, vai alla pagina dei dettagli N. ordine dell’ordine.

    1. In the left main menu, go to Certificates > Orders.

    2. On the Orders page, in the Order # column, find and select the TLS certificate's order number link.

    3. For CertCentral Subscription accounts, the steps to access the Order # detail page are different.

      1. In the left menu, go to My Digital Trust Products > Certificates.

      2. On the Certificates page, in the Order # column, select the TLS certificate's order number link.

  2. On the certificate’s Order # details page, in the Certificate status section, check if the certificate is waiting on domain validation to be finished.

  3. Under What do you need to do, select the domain's link you want to validate.

  4. In the Prove control over domain window, in the Domain control validation (DCV) method menu, select HTTP Practical Demonstration and then select Save.

  5. Create a .txt file and add the DigiCert-provided random value.

    1. Open a text editor (such as , Notepad).

    2. In the Order token box, copy your token and enter the random value in text editor.

      The random value expires after 30 days.

    3. Save the .txt file under this name: fileauth.txt.

  6. Create the .well-known/pki-validation/ directory on your site.

    For Windows-based servers, create the .well-known folder via command line (mkdir .well-known).

  7. Place the fileauth.txt file on your site under .well-known/pki-validation.

    The URL should look something like this:

    http://[your-domain]/.well-known/pki-validation/fileauth.txt

  8. Finish domain validation

    1. In CertCentral, go to the certificate's Order # details page.

      1. In the left main menu, go to Certificates > Orders.

      2. On the Orders page, in the Order # column, select the TLS certificate's order number link.

      For CertCentral Subscription accounts:

      1. In the left main menu, go to My Digital Trust Products > Certificates.

      2. On the Certificates page, in the Order # column, select the TLS certificate's order number link.

    2. On the Order # details page, in the Certificate status section, under What do you need to do, select the domain link.

    3. In the Prove control over domain window, under 4. Complete domain validation, select Check site.

In questa sezione: