ファイル認証（HTTP実践デモンストレーション）DCV方式を使用する

Demonstrate domain control with the HTTP Practical Demonstration domain control validation (DCV) method

ファイルが作成され、サイト上に設置されると、デジサートが指定されたURLにアクセスし、ランダムな値の存在を確認します。よくある間違いを避けるようにしてください。「ファイル認証DCV方式のよくある間違い」を参照してください。

When done creating the file and placing it on your site, DigiCert goes to the specified URL to confirm the presence of our random value. Make sure to avoid the common mistakes when using the HTTP Practical Demonstration DCV method.

Before you begin

Validate FQDNs
Use the HTTP Practical Demonstration DCV method to demonstrate control over fully qualified domain names (FQDNs) exactly as named on the certificate request. To learn more about this policy, go to Domain validation policy changes in 2021.
Use one of the other supported DCV methods, such as email, DNS TXT, and CNAME, to:
- Validate wildcard domains (*.example.com)
- Include subdomains in the validation process while validating a higher-level domain..
  For example, if you want to cover www.example.com, mail.example.com, and one.example.com when validating the higher-level domain example.com.
Validate IPv4 and IPv6 addresses
Per industry regulations, you must use the HTTP Practical Demonstration DCV method to demonstrate control over IPv4 and IPv6 addresses.

Acronyms in this article: Domain Name System (DNS), domain validation (DV)

Use HTTP Practical Demonstration record to demonstrate control over a domain

In CertCentral, go to the certificate’s Order # details page.
1. In the left main menu, go to Certificates > Orders.
2. On the Orders page, in the Order # column, find and select the certificate's order number link.
3. For CertCentral Subscription accounts, the steps to access the Order # detail page are different.
  1. In the left menu, go to My Digital Trust Products > Certificates.
  2. On the Certificates page, in the Order # column, select the certificate's order number link.
On the Order # details page, on the Details tab, in the Certificate status section, under What do you need to do, select the Prove control over domain link.
In the Prove control of your domain window, in the Domain control validation (DCV) method menu, select HTTP Practical Demonstration (File) and then select Save.
Create a .txt file and add the DigiCert-provided random value.
1. Open a text editor, such as Notepad.
2. In the Order token box, copy your token and enter the random value in text editor.
  Note: The random value expires after 30 days.
3. Save the .txt file under this name: fileauth.txt.
Create the /.well-known/pki-validation/ directory on your site.
For Windows-based servers, the /.well-known folder must be created via command line ( mkdir .well-known).
Place the fileauth.txt file on your site under /.well-known/pki-validation
The URL should look something like this: http://{domain-name}/.well-known/pki-validation/fileauth.txt.
Does your DV certificate include multiple domains?
Create the /.well-known/pki-validation/ directories on the domain sites and place your fileauth.txt file on them in the specified locations before you run the check.
The "check” doesn’t work if any domain site is missing a fileauth.txt file with the DigiCert-provided random value.
Finish domain validation.
1. In CertCentral, go to the certificate's Order # details page.
  1. In the left main menu, go to Certificate > Orders.
  2. On the Orders page, in the Order # column, select the certificate's order number link.
  For CertCentral Subscription accounts:
  1. In the left menu, go to My Digital Trust Products > Certificates.
  2. On the Certificates page, in the Order # column, select the certificate's order number link.
2. On the Order # details page, on the Details tab, in the Certificate status section, under What do you need to do, select the Prove control over domain link.
3. In the Prove control of your domain window, select Check site.

このセクションの内容: