To install a custom TLS certificate for a domain with a CSR that was not generated by VIP, customers must have in their possession a complete certificate chain generated by a Certificate Authority (CA).
A complete certificate chain includes:
- Private key (password protected certificate keys are not supported)
- Leaf certificate
- Trusted certificates (also known as “Intermediate certificates“)
Access the custom certificate installer
- Navigate to the VIP Dashboard.
- Select the environment that the domain points to (e.g., Production, Develop) from the dropdown located at the upper left of the dashboard.
- Select “Domains & TLS” from the sidebar navigation at the left of the screen.
- Add the domain by selecting the “Add Domain” button in the upper right if it does not yet appear in the Domains list.
- A button labeled “Install Certificate” will be displayed to the right of newly added domains in the Domains & TLS panel.
- Select the “Install Certificate” button to access and select the “Custom Certificate” option in the dropdown.
- Select the text “Have your own CSR and Private Key?” near the top of the screen.
Upload a certificate chain
To populate the “Upload a Certificate Chain” fields with all four parts of the complete certificate chain, a user can either “Copy and paste” or “Upload a PEM file”.
Copy and paste
For customers who have obtained separate files for all four parts of the complete certificate chain:
- Open the complete certificate chain files in a text editor.
- One at a time, copy the contents of a complete certificate chain file from the text editor and paste the contents into its corresponding field.
- Repeat for all four files.
- Select “Upload“.
Upload a PEM file
For customers who have obtained a single PEM file that contains all four parts of the complete certificate chain:
- Select the linked text “Select a PEM file“.
- Select the file source from the local machine.
- Select “Upload“.
Activate a custom certificate
The installation of a TLS certificate is not complete until it has been activated for a domain.
Choose your domains
After uploading a certificate chain:
- Select the dropdown below the “Domains” label.
- Select the domain for which the new custom TLS certificate is being installed.
- Select “Activate Certificates“.
Confirm the certificate is working
Last updated: December 07, 2023