Add a domain, authorize the domain for certificates, and use HTTP practical demonstration as the validation method

Demonstrate control over your domain with HTTP practical demonstration

Demonstrate control over your domain by hosting a .txt file containing a random value at a predetermined location on your website. Once the file is created and placed on your site, DigiCert visits the specified URL to confirm the presence of your unique random value. Make sure to avoid some of the more Common mistakes: HTTP practical demonstration DCV method.

Before you begin

Before you can prevalidate a domain for TLS/SSL certificate validation, you must first submit its organization for prevalidation. Additionally, if you want the domain to be used for OV, EV, and/or Private SSL certificates, you must submit its organization for those matching validation types.

Step I: Add and authorize a domain for TLS/SSL certificate

  1. In your CertCentral account, in the left main menu, go to Certificates > Domains.

  1. On the Domains page, click New Domain.

  1. On the New Domain page, under Domain Details, enter the following domain information:

    • Domain Name
      Enter the domain name the certificates will secure.
    • Organization
      In the dropdown, select the organization you want to assign the domain to.
  1. Under Validate This Domain For, check the validation types for which the domain must be validated.

    • OV/EV Domain Validation
      Allows you to order OV and EV SSL/TLS certificates for this domain, such as Standard SSL, Secure Site SSL, and Secure Site Pro EV SSL.
    • Private SSL Domain Validation
      Allows you to order private SSL certificates for this domain, such as Private SSL and Private Multi-Domain SSL.
  1. Under Domain Control Validation (DCV) Method, select HTTP Practical Demonstration.

  1. When you are finished, click Submit for Validation.

Step II: Use HTTP practical demonstration to demonstrate control over the domain

  1. Create your .txt file:

    1. Under User Actions, in the Your unique verification token box, copy your verification token.
      Note: The unique verification token expires after thirty days. To generate a new token, click the Generate New Token link.
    2. Open a text editor (such as Notepad) and paste in Your unique verification token.
    3. Save the .txt file under this name: fileauth.txt.
  1. Create the .well-known/pki-validation/ directory on your site.

For Windows-based servers, the .well-known folder must be created via command line (mkdir .well-known).

  1. Place the fileauth.txt file on your site under .well-known/pki-validation.

    The URL should look something like this:

    http://[yourdomain]/.well-known/pki-validation/fileauth.txt

  1. Verify the HTTP token

    1. In your CertCentral account, in the left main menu, go to Certificates > Domains.
    2. On the Domains page, in the Domain Name column, click domain link.
    3. On the domain details page (e.g., example.com), at the bottom of the page, click Check HTTP Token.