Skip to main content

HTTP 실제 증명 유효성 검사 방법을 사용하여 도메인 제어 확인

HTTP 실제 데모로 TLS/SSL 인증서 주문의 도메인에 대한 제어를 증명

Use HTTP Practical Demonstration to demonstrate control over a domain on your OV/EV TLS/SSL certificate order. For information about this DCV method and other DCV methods, see Demonstrate control over domains on a pending certificate order.

Validating domains during the certificate order process means certificates can only be issued after you've completed the domain validation. For faster certificate issuance, prevalidate domains when possible. To learn more about domain prevalidation, see Domain prevalidation: Supported DCV methods.

Before you begin

중요

Only use the HTTP Practical Demonstration DCV methods to demonstrate control over fully qualified domain names (FQDNs) exactly as named in the certificate request. To learn more, visit Domain Validation Policy Changes.

Use one of the other supported DCV methods, such as email, DNS TXT, and CNAME, to:

  • Validate wildcard domains (*.example.com).

  • Include subdomains in the validation when validating a higher-level domain. For example, if you want to cover www.example.com, mail.example.com, and one.example.com when validating the higher-level domain example.com.

  • Prevalidate entire domains and subdomains.

To demonstrate control over your domain, host a file containing a DigiCert-generated random value (provided for the domain in your CertCentral account) at a predetermined location on your website: http://{domain-name}/.well-known/pki-validation/fileauth.txt.

After you've created the file and placed it on your site, DigiCert visits the specified URL to confirm the presence of our random value. Make sure to avoid the 일반적 실수: HTTP 실제 증명 DCV 방법.

단계 1: 보류 중 주문의 상태를 확인

SSL/TLS 인증서의 주문 세부 정보 페이지로 이동하여 인증서를 발급하기 전에 완료해야 하는 도메인 및 조직 유효성 검사를 확인합니다.

  1. CertCentral 계정에서 주문의 주문 번호 세부 정보 페이지로 갑니다.

    1. 왼쪽 메인 메뉴에서 인증서 > 주문으로 이동합니다.

    2. 주문 페이지의 주문 번호 열에서 인증서의 주문 번호 링크를 클릭합니다.

  2. 주문 번호 세부 정보 페이지의 유효성 검사 진행 중 섹션에서 주문의 발급 상태(주문이 도메인 또는 조직 유효성 검사 완료를 대기 중입니까?)를 확인합니다.

    After validation is complete (domains and organization), the Order status section no longer appears on the Order # details page.

  3. Under You Need To, select the domain's link you want to validate.

  4. In the Prove control over domain window, in the DCV Method dropdown, select HTTP Practical Demonstration.

  5. Create a .txt file and add the DigiCert-provided random value.

    1. Open a text editor (e.g., Notepad).

    2. In the Order token box, copy your token and paste the random value in text editor.

      The random value expires after 30 days.

    3. Save the .txt file under this name: fileauth.txt.

  6. Create the .well-known/pki-validation/ directory on your site.

    For Windows-based servers, the .well-known folder must be created via command line (mkdir .well-known).

  7. Place the fileauth.txt file on your site under .well-known/pki-validation.

    The URL should look something like this:

    http://[yourdomain]/.well-known/pki-validation/fileauth.txt

  8. Complete domain validation

    1. In your CertCentral account, go to the order's Order # details page.

    2. On the Order # details page, in the Validation in Progress section, under You Need To, locate and select the domain link.

    3. In the Prove control over domain window, under 4. Complete domain validation, select Check site.

이 섹션의 내용: