ninety-seven
Common reasons and troubleshooting methods for failure of 1-yuan certificate application review

Fileauth.txt content configuration error

  1. The site has enabled https access mode
    Possible causes : The verification file is only deployed in the HTTP service path, not in the HTTPS service path, resulting in no corresponding file found when requesting with the HTTPS protocol.
    processing method (choose any one):
    a) Put the verification file under the HTTPS service path to ensure that the HTTPS protocol can access it.
    b) Turn off the HTTPS service of this site.
  2. The site returned an error code when accessing the validation file
    Possible causes : The site returned an error code page when trying to get the validation file. Such as 50X internal error page, 40X error page, 30X redirect page, etc.
    processing method : Ensure that the URL specified by the CA can directly access the correct authentication file content. Ensure that the final validation file is not displayed in the Web browser through redirection and other methods. Redirection can be detected by whether the browser address has changed.
  3. CDN service is enabled at the site
    Possible causes : CDN service nodes are not synchronized overseas. Symantec CA verifies that the server does not have a domestic mirror site. When your CDN image service node fails to complete synchronization overseas, the verification file cannot be detected.
    processing method : Synchronize the verification file to the overseas CDN service node, or temporarily close the CDN overseas acceleration service. If the CDN node server cannot be operated, it is recommended that you change the authentication method to DNS authentication.
  4. Verifying file timestamp timeout
    Possible causes : The validity period of the document validation is 7 days. When the timestamp information in the verification file content exceeds 7 days, the verification will fail.
    Document verification method
    Recommended command:
 Curl - k - v # Verify file URL
 perhaps
 Wget - S # Verify file URL

Please test the authentication file URL using HTTPS and HTTP protocols respectively.

DNS configuration error, entry mismatch

  1. Record value configuration error
    Possible causes : DNS resolution records are divided into host records and corresponding record values. When the host record is configured correctly, but the corresponding resolution record value is configured incorrectly, a validation error will result.
    processing method : Configure the correct DNS host records and record values.
  2. When using dnspod or some other domain name resolution service providers' services, DNS resolution configuration is not completed.
    Possible causes : When dnspod is used as the domain name resolution service provider, the CA verification return is not accurate because dnspod's query of non-existent host records returns different values than expected.
    processing method : Ignore relevant errors, complete DNS resolution record configuration as soon as possible, and complete domain name verification.
  3. Timestamp timeout in DNS resolution record value
    Possible causes : The record value of DNS validation contains a timestamp. Symantec DV certificate. The time stamp is valid until 16:00 of the next day. When the timestamp information in the TXT record value exceeds 16:00 of the next day, the verification will fail. The GeoTrust DV certificate timestamp is always valid.
    Note: In the domain name control panel of some domain name service providers, when the existing TXT record value is modified, the resolution record value takes more than 2 hours to take effect. The new TXT record value will take effect soon. Therefore, it is recommended that you create a new TXT record value to complete the verification. After the domain name is verified, relevant TXT resolution record information can be deleted.
  4. The domain name has enabled the dynamic resolution service
    Possible causes : The dynamic domain name resolution service is enabled for the relevant domain name, and the corresponding TXT resolution record value cannot be synchronized to the overseas authoritative DNS server in time.
    processing method : Please ensure that the dynamic resolution service is normal and that overseas resolution services can normally resolve your newly added TXT resolution records. Complete the synchronization of domain name resolution record values as soon as possible. If you apply for a Symantec DV certificate, the domain name resolution record values cannot be synchronized with the overseas authoritative DNS server before 16:00 the next day, which will cause your domain name verification to fail. GeoTrust DV certificate, resolution record value has no validity limit.
    TXT record value verification method
    Windows : You can use the nslookup command to query your domain name resolution status. Select the start menu, click Run, enter cmd, and enter the following command in the command line window: nslookup - qt=cname "Your domain name verification string" Analyze your domain name verification string information output information, and ensure that DNS resolution records have been correctly configured.
    Linux : Recommended dig Command, enter the dig domain name cname on the Linux terminal to view the output information, and ensure that the DNS resolution record has been correctly configured.
    If it is not convenient to use the above command, it can be detected through the web tool. Remember to select TXT.

Does this help solve your problem? resolved Unresolved

Submitted successfully! Thank you very much for your feedback, and we will continue to strive to do better! We are sorry that we were unable to resolve your question. We have received your feedback and will give feedback in time!

  • 100 times fault compensation
  • Refund for 1 day without reason
  • 7x24 service
  • 0 yuan fast filing
  • 1V1 Special Secretary