The DCV HTTP File-based Token Method allows you to demonstrate control over your domain by hosting a .txt file containing a generated random string token at a predetermined location on your website. Once the file is created and placed on your site, the issuing CA visits the specified URL to confirm the presence of the verification token.
* DigiCert and GeoTrust SSL orders will have a filename of
fileauth.txtwhereas SSL orders for Sectigo and PositiveSSL CAs will have a filename similar in format to
Additionally, the File Content for Sectigo and PositiveSSL SSL orders will contain 2 or 3 lines of text, similar in format to the following.
Note the leading dot in
For Windows-based servers, the
.well-knownfolder must be created via command line
[filename].txtto the new directory so that you end up with the following public URLs for each FQDN requested.
** DigiCert and GeoTrust SSL orders can use HTTP or HTTPS whereas Sectito and PositiveSSL orders are specifically set to check DCV at either HTTP or HTTPS, but not both.
Scans of your HTTP File Token will begin immediately after you enroll for an SSL certificate, and automatic re-checks will be made periodically until the correct response is found. You can also force re-checks using step 2 above.
You choose the initial DCV method when placing an SSL/TLS order. You can change the current DCV method - for example, from Email Verification to DNS CNAME - at any time by clicking the button for any domain on the order that is not approved.
Please contact our support team if you have any additional problems or questions.