Install a Let’s Encrypt TLS certificate
A Let’s Encrypt TLS certificate is available by default for any domain that has been added to an environment’s VIP Dashboard and has DNS updated to point to VIP.
- Elliptic Curve Cryptography (ECC) certificates are issued for newly installed or renewed Let’s Encrypt certificates.
- RSA certificates can only be issued by installing a custom TLS certificate.
- The “www” and the “non-www” versions of a domain must be added separately to the VIP Dashboard. Each version of the domain requires its own Let’s Encrypt certificate to be installed.
Prerequisites
- Installing a Let’s Encrypt certificate for a domain in the VIP Dashboard requires a user to have at minimum an Org member role or an App write role for that application.
- The DNS for the domain must already be pointed to VIP.
Domains have specific application and environment associations.
- Navigate to the VIP Dashboard for the application that the domain is associated with.
- Select the environment that the domain points to (e.g., Production, Develop) from the dropdown located at the upper left of the dashboard.
- Select “Domains & TLS” from the sidebar navigation at the left of the screen.
- A button labeled “Install Certificate” will be displayed to the right of domains that do not yet have a TLS certificate.
- Select the “Install Certificate” button to access and select the “Let’s Encrypt” option in the dropdown.
- A confirmation message will appear at the bottom of the dashboard screen when the Let’s Encrypt TLS certificate has been installed.

Last updated: December 07, 2023