Skip to main content

新增網域,授權用於憑證的網域,然後使用 HTTP 現實論證作為驗證方法

採用 HTTP 現實論證證明有您的網域的控制權

Add a domain and demonstrate control over the domain by hosting a file containing a DigiCert-generated random value (provided for the domain in your CertCentral account) at a predetermined location on your website: http://{domain-name}/.well-known/pki-validation/fileauth.txt.

一建立檔案並放置在您的網站時,DigiCert 會瀏覽指定的 URL 以確認是否有您的唯一隨機值。確定避開 一般錯誤:HTTP 現實論證 DCV 方法

Important

Only use the HTTP Practical Demonstration DCV methods to demonstrate control over fully qualified domain names (FQDNs) exactly as named. To learn more, visit Domain Validation Policy Changes.

Use one of the other supported DCV methods, such as email, DNS TXT, and CNAME, to prevalidate entire domains and subdomains.

在您開始前

When you add a domain to your account, you must assign the domain to an organization in your account. However, before assigning a domain to it, you must first add the organization to your account. See Add an organization to your CertCentral account.

Additionally, if you want the domain used for OV, EV, or Private TLS/SSL certificates, you must submit its organization for prevalidation and include those matching validation types. See Submit an organization for pre-validation.

步驟 I:新增和授權用於 TLS/SSL 憑證的網域

  1. 在您的 CertCentral 帳戶的左側主功能表中,前往憑證 > 網域

    In the left main menu, go to Certificates > Domain.

  2. 網域頁面上,按一下新網域

  3. 新網域頁面的網域詳細資料下,輸入以下的網域資料:

    • 網域名稱

      輸入憑證將保護安全的網域名稱。

    • 組織

      在下拉清單中,選取接受您指派網域的組織。

  4. 網域控制驗證 (DCV) 方法下,選取 HTTP 現實論證

  5. 當您完成時,按一下提交以進行驗證

步驟 II:使用 HTTP 現實論證來證明對網域擁有控制權

  1. 建立您的 .txt 檔案:

    1. 在此名稱下儲存 .txt 檔:fileauth.txt

      1. Open a text editor (e.g., Notepad).

      2. In the Your unique verification token box, copy your token and paste the random value in text editor.

        The random value expires after 30 days.

      3. Save the .txt file under this name: fileauth.txt.

    2. Create the .well-known/pki-validation/ directory on your site.

      For Windows-based servers, the .well-known folder must be created via command line (mkdir .well-known).

  2. 將 fileauth.txt 檔案放在您網站的 .well-known/pki-validation 下。

    URL 看起來應該像這樣:

    http://[yourdomain]/.well-known/pki-validation/fileauth.txt

  3. 驗證 HTTP 權杖

    1. 在您的 CertCentral 帳戶的左側主功能表中,前往憑證 > 網域

    2. 網域頁面的網域名稱欄中,按一下網域的連結。

    3. On the domain's details page, in the Domain control validation (DCV) method section under User actions select Check HTTP Token.

: