


Support Desk
The DCV HTTP File-based Token Method allows you to demonstrate control over your domain by hosting a .txt file containing a generated random string token at a predetermined location on your website. Once the file is created and placed on your site, the issuing CA visits the specified URL to confirm the presence of the verification token.
* DigiCert and GeoTrust SSL orders will have a filename offileauth.txt
whereas SSL orders for Sectigo and PositiveSSL CAs will have a filename similar in format to6C25483595D7C679E95088CF316F56801ADE6990A8B93B660F8CB.txt
.
Additionally, the File Content for Sectigo and PositiveSSL SSL orders will contain 2 or 3 lines of text, similar in format to the following.6C25483595004C8B5FBED7C679E95089A8B39E5E6384C9A9C49890EB00A887B9
sectigo.com
b6gnGbHI
/.well-known/pki-validation
Note the leading dot in .well-known
For Windows-based servers, the.well-known
folder must be created via command line
(mkdir .well-known
).
[filename].txt
to the new directory so that you end up with the following public URLs for each FQDN requested.http(s)://example.com/.well-known/pki-validation/[filename].txt
** DigiCert and GeoTrust SSL orders can use HTTP or HTTPS whereas Sectito and PositiveSSL orders are specifically set to check DCV at either HTTP or HTTPS, but not both.
Scans of your HTTP File Token will begin immediately after you enroll for an SSL certificate, and automatic re-checks will be made periodically until the correct response is found. You can also force re-checks using step 2 above.
You choose the initial DCV method when placing an SSL/TLS order. You can change the current DCV method - for example, from Email Verification to DNS CNAME - at any time by clicking the button for any domain on the order that is not approved.
Please contact our support team if you have any additional problems or questions.