Use the HTTP Practical Demonstration validation method to verify domain control

Use these instructions to first check the status of your SSL certificate order, and then, to use the HTTP Practical Demonstration DCV method to demonstrate control over the domains on the order.For more information about this method and other DCV methods, see Demonstrate control over domains on your SSL certificate order.

Make sure to avoid some of the more common mistakes – Common mistakes: HTTP Practical Demonstration DCV method.

Step 1: Check the status of your pending order

Go to the SSL/TLS certificate's order page to check its issuance status. You can also see what domain and organization validation needs to be completed before we can issue it.

  1. In your CertCentral account, go to the order's Order # details page.

    1. In the sidebar menu, click Certificate > Orders.
    2. On the Orders page, use the filters and advanced search features to locate the pending certificate order to want to check.
    3. In the Order # column of the certificate order, click the order number link.
  1. On the Order # details page, in the Validation in Progress section, check the order's issuance status (is the order waiting on domain or organization validation to be completed?).

Step 2: Use DNS TXT to demonstrate control over the domains

  1. On the Order #details page, under You Need To, click the domain link you want to complete the DCV for.

When you have multiple domains (SANs) on an order, each one will be listed. Those with a checkmark next to them are validated. Those with a clock icon next to them still need you to complete their validation.

  1. In the Prove Control Over Domain window, in the DCV Method dropdown, select HTTP Practical Demonstration.

  1. Create your .txt files

    1. In the Token box, copy your unique token.
      To copy the value to your clipboard, single click in the text field.
      Note: The unique token expires after thirty days. To generate a new token, click the Generate a New Token link.
    2. Open a text editor (such as Notepad) and paste in your unique Token.
    3. In your HTTP practical demonstration URL, the string after pki-validation/ is the name of your txt file.
      For example, if your HTTP practical demonstration URL is http://example.com/.well-known/pki-validation/c7e2ff0c848e4707594066cc860.txt, then, your file name is c7e2ff0c848e4707594066cc860.txt.
    4. Save the .txt file you created under this name (for example, c7e2ff0c848e4707594066cc860.txt).
  1. Create the .well-known/pki-validation directory

    Create the .well-known/pki-validation/ directory on your site and place your .txt file in it.

    For Windows-based servers, the .well-known folder must be created via command line (mkdir .well-known).

  1. Verify the HTTP Token

    1. In your CertCentral account, go to the order's Order # details page.
      1. In the sidebar menu, click Certificate > Orders.
      2. On the Orders page, in the Order # column of the certificate order, click the order number link.
    2. On the Order # details page, in the Validation in Progress section, under You Need To, locate and click the domain link.
    3. In the Prove Control Over Domain window, under 2. Check HTTP Token, click Check.
  1. Congratulations! You demonstrated control over the domain and completed its domain validation.