The DCV HTTP File challenge method allows you to demonstrate control over your domain by hosting a .txt file containing a generated random string token at a predetermined location on your website. Once the file is created and placed on your site, the issuing CA visits the specified URL to confirm the presence of the verification token.

A. Instructions for GeoTrust, Symantec and DigiCert orders

  1. In your GeoCerts account on the Pending orders view click the order number link to open the Order Details page.
  2. On the Order Details page, in the Domain Control Validation section, copy the Hash Token string to your clipboard.

    domain control validation hash token

    The random hash token value expires after thirty days.
  3. Open a text editor (such as Notepad) and paste your unique hash token into the file. Save the file as fileauth.txt.

    If your order includes multiple domains, use this fileauth.txt file for each domain on the certificate order.
  4. Create a public directory on your server: /.well-known/pki-validation

    Note the leading dot in .well-known
    For Windows-based servers, the .well-known folder must be created via command line
    (mkdir .well-known).
  5. Add your fileauth.txt to the new directory so that you end up with the following public URL.

    http(s)://[yourdomain.com]/.well-known/pki-validation/fileauth.tx
  6. Test the URL in a browser using http or https to verify that it's working properly. Your browser should display your unique hash token.

    undefined

    Does your order include multiple domains (SANs)? Create the .well-known/pki-validation/ directories on the domains and place your fileauth.txt file on them in the specified locations first -- before you you check the status below. If any domain sites are missing a fileauth.txt file containing the random hash token value, the check will fail.
  7. Once the file is created and placed on your site, automatic periodic visits to the specified URL(s) are performed to confirm the presence of your random value.
  8. You can force a check by clicking Recheck Status in the Domain Control Validation section.

    undefined
  9. When all domains on the order are Approved the Domain Control Validation step is complete!

B. Instructions for Sectigo (formerly Comodo) orders

  1. In your GeoCerts account the Pending orders view click the order number link to open the Order Details page.
  2. On the Order Details page, in the Domain Control Validation section, copy the three lines of the URL Content string to your clipboard.

    Copy URL Content

    The random hash token value expires after thirty days.
  3. Open a text editor (such as Notepad) and paste the thee lines of the URL Content section. Save the file as [MD5 hash].txt.

    If your order includes multiple domains, use this [MD5 hash].txt file for each domain on the certificate order.
  4. Create a public directory on your server: /.well-known/pki-validation

    Note the leading dot in .well-known
    For Windows-based servers, the .well-known folder must be created via command line
    (mkdir .well-known).
  5. Add your [MD5 hash].txt to the new directory so that you end up with the following public URL.

    http(s)://[yourdomain.com]/.well-known/pki-validation/[MD5 hash].tx
  6. Test the URL in a browser using http or https to verify that it's working properly. Your browser should display three lines of text.

    Does your order include multiple domains (SANs)? Create the .well-known/pki-validation/ directories on the domains and place your [MD5 hash].txt file on them in the specified locations first -- before you you check the status below. If any domain sites are missing a [MD5 hash].txt file containing the token values, the check will fail.
  7. Once the file is created and placed on your site, automatic periodic visits to the specified URL(s) are performed to confirm the presence of your random value.
  8. You can force a check by clicking Refresh in the Domain Control Validation section.

    Refresh DCV status
  9. When all domains on the order are Approved the Domain Control Validation step is complete!

Additional Resources

  • GeoTrust, DigiCert, and Symantec: File DCV method common mistakes .
  • Sectigo/Comodo Domain Control Validation (DCV) methods .

Please contact our support team if you have any additional problems or questions.