Verify a domain
After a custom domain has been added to the VIP Dashboard for an environment, it must be verified before DNS instructions can be accessed and before a Let’s Encrypt certificate can be installed. Verification proves that a customer has ownership of a domain and the necessary credentials to access the domain’s DNS settings. Only verified domains can be used for launching a site or sending emails.
Access
Prerequisites
- To verify a domain that has been added to an application’s environment, a user must have at minimum an Org member role or an App write role for that application.
- The ability to add and edit DNS records with the domain’s DNS host provider.
- Navigate to the VIP Dashboard for the application that the domain is associated with.
- Select the environment that will use the new domain (e.g., production, develop) from the dropdown located at the upper left of the dashboard.
- Select “Domains & TLS” from the sidebar navigation at the left of the screen.
A domain’s verification status is displayed on the “Domains & TLS” panel in the column labeled “Verification.”
- Verified: A domain that has successfully completed the verification process.
- Verified (legacy): A domain that was added to an environment prior to 27 February 2024.
- Unverified: A domain that has not successfully completed the verification process.
Verify Domain
In the Domains & TLS panel of the VIP Dashboard:
- Select the “•••” button located to the right of the domain to be verified.
- Select “Verify Domain” from the overflow menu to access a modal titled “Verify Domain.”
In the modal titled “Verify Domain,” setting values for “Name / Host” and “Value” are provided for the domain verification process. The values provided are unique to the domain and cannot be used for verification of any other domain.
Step 1 of 2 Add TXT record
In the account settings of the domain’s DNS host provider, a new TXT record must be created with those values.
- Create a new TXT record for the domain by following the instructions provided by the domain’s DNS host provider.
- Add the “Name / Host” and “Value” values provided by WPVIP in the “Verify Domain” modal into the corresponding TXT record fields. The values in the modal can be added to the user’s clipboard by selecting the button labeled “Copy” to the right of each value.
- Save the TXT record settings.
In the VIP Dashboard for the environment where the domain was added:
- Select “Domains & TLS” from the sidebar navigation at the left of the screen.
- Select the “•••” button located to the right of the domain.
- Select “Verify Domain” from the overflow menu.
- Select the button labeled “Continue.”
Step 2 of 2 Check for TXT record
The domain’s new TXT record must be detected with the correct settings by the VIP Dashboard in order to complete domain verification. The new TXT record could require up to 48 hours to fully propagate before it can be detected.
- Select the button labeled “Verify Domain” to prompt a check for the domain’s TXT record.
If the TXT record is not found or is incorrect, verification will fail with the error message “Unable to verify domain.”
- If verification failed due to a TXT record that has not fully propagated, the button labeled “Reverify Domain” can be selected at a later time to try again.
- If verification failed due to incorrect TXT record values, verification will continue to fail until the setting values are identical to those provided in Step 1 of 2.
After domain verification has been successfully completed, the DNS settings for pointing the domain to WPVIP will be available and a Let’s Encrypt certificate can be installed.
Confirm TXT record settings
After adding the TXT record to a domain’s DNS records, the new record may require up to 48 hours to fully propagate before it can be detected by the VIP Dashboard. It is also possible that the “Unverified” status of the domain is a result of an incorrect TXT record value.
To confirm that the domain’s TXT record matches the value provided by WPVIP, use the dig
command to retrieve the value that is set:
dig <TXT_RECORD_NAME> TXT +short
To run the command, replace <TXT_RECORD_NAME>
with the “Name / Host” value provided in Step 1 of 2 of the “Verify Domain” modal.
For example, if the “Name / Host” value provided is _wpvip.example-domain.com
, the command to run in a terminal on the user’s local machine is:
dig _wpvip.example-domain.com TXT +short
Output from the command will display the current value for the domain’s TXT record value. The value in the output should match the value that is displayed in Step 1 of 2 of the “Verify Domain” modal for the domain. If the values do not match, update the TXT record with the correct value with the domain’s host provider.
Review TXT record values
After a domain has been verified, the setting values for the domain’s TXT record are available for review.
- Select the “•••” button located to the right of the domain.
- Select “View Verification Details” from the overflow menu.
Wildcard subdomain verification
Applications that have more than 20 subdomains of a single root domain mapped to an environment can request a wildcard subdomain verification feature to be enabled. With the wildcard verification feature enabled, only the mapped root domain must complete the verification process. All subdomains of that verified root domain that are mapped to the environment will be automatically verified.
Submit a request to VIP Support to enable wildcard subdomain verification for that environment.
Last updated: April 26, 2024