Problems trying to PKI-Validation for onion EV certificate


#1

I tried to create the PKI-Validation that DigiCert use to validate the EV Certificate but I got a problem because the tXT file that they send to me is´nt available in our app server.

Please help me to make it available to DigiCert.

Thanks

JC


#2

Hi @gese can you confirm you attempted these steps?

From the Admin Workstation, SSH to the Application Server

$ ssh app

Edit the validation txt file with content the CA provides.

$ sudo vi /var/www/securedrop/.well-known/pki-validation.html

Note that the file content of the .txt file be inside the pki-validation.html. That is, copy and paste the file contexts from the .txt file and paste it into a file named pki-validation.html at that location.

If you have additional issues, please reach out to us again.

Best,
Freddy Martinez


#3

The change the way to validate the server.

This is what DigiCert send it to me:

Hello Juan Carlos,

I am trying to validate your certificate order for d66dfkvt6ycasrnp.onion and I need your help with just one thing:

I apologize for the confusion in my last email. We need to have to include the following information in a prectical demonstration for the .onion domain you requested.

To confirm you have control of the following domains, we need you to set up a web page at each url listed that we can access. Each page should contain the provided token.

domain: d66dfkvt6ycasrnp.onion
url: http://d66dfkvt6ycasrnp.onion/.well-known/pki-validation/5b66667777788888888999990000000.txt
token: 1111111111111111111111111111111

Once we verify this, we will move to the next step of the EV validation process.

JC