You need to use the properties "fileauth contents" and "fileauth name" as follows:
- In the root - domain (no sub-domain), create folders and file named as specified in "fileauth name"
- Into the file, write the data returned in "fileauth contents"
Symantec will poll this file and if it matches the data, the certificate will be generated. As an example, should the certificate above be for the domain "docs.example.com", the file created needs to be "example.com/.well-known/pki-validation/fileauth.txt" containing the string "RInN0UIPzTzZrJDhCD6C".
The FILE must always be stored at all main domains, not at sub-domains any more. Only one FILE is necessary for the main domains. For SAN SSL certificates, the FILE containing the string must be stated for all respective main domain(s), but not for sub-domains.
Exemplary domains in CSR
- www.example.com
- something.example.com
- example.net
- anotherthing.example.org
These require 3 FILEs at main domain level
- example.com/.well-known/pki-validation/fileauth.txt
- example.net/.well-known/pki-validation/fileauth.txt
- example.org/.well-known/pki-validation/fileauth.txt
The content of the file is identical for these domains, it is generated of the CSR and only consists of the string returned via API.