COS-General

How to use the "create a page" method for SSL domain validation

Last updated: September 28, 2017

Available For:

Marketing: Basic, Pro, Enterprise
Sales: N/A

After adding a domain in HubSpot’s domain manager and navigating through the steps to enable SSL on the domain, you’ll reach a point where you need to validate ownership of your domain.

One way to validate your domain is to create a website page that contains a unique token.
Follow the directions below to learn how to find this token and create a blank page that contains it:

  • First, to find the token, navigate in your HubSpot Marketing Basic, Professional, or Enterprise account to Content > Content Settings.
  • Click Domain Manager from the left-hand side menu.
  • Locate the progress of your domain validation at the top and click Validate domain.
  • From this pop-up window, you'll see two links and they both contain a unique string of letters and numbers. Click Copy next to the second link (validate.hubspot.net).
  • Paste that URL into a new web browser window and copy the token that appears on the page - this will be a long string of letters and numbers.
  • Create a blank file on your server (where your domain is hosted), called <whateveryourtokenis>, with nothing on the page except for that unique token/string. You can create this blank file easily on your computer as well by using a text editor. Take a look below for an example of how this should look - you can see the file contains only the unique token within the file. Once you have this file, you can upload it to your server.
Please note: The unique string must be the only content contained within your blank file. If this file contains any other content besides this unique string, the validation will not work.
  • Put this file on that same path as the URL. If you look at the example redirect link above, you can see that would be inside a folder called acme-challenge, which is inside a hidden well-known folder. Make sure this file is hosted and living on your domain. You can test this by visiting the URL in your browser and ensuring that it resolves to a page where you see your token. 

Please note that Google is rolling out an updated version of their popular Chrome browser, version 62. This update flags websites that have a form but are not SSL-enabled, and displays Not Secure within the browser bar. After you enable SSL, this warning should not appear anymore:   

Was this article helpful?