Skip to content

Install a Let’s Encrypt TLS certificate

A Let’s Encrypt TLS certificate is available by default for any domain that has been added to an environment’s VIP Dashboard and has DNS updated to point to VIP.

  • Elliptic Curve Cryptography (ECC) certificates are issued for newly installed or renewed Let’s Encrypt certificates.
  • RSA certificates can only be issued by installing a custom TLS certificate.
  • The “www” and the “non-www” versions of a domain must be added separately to the VIP Dashboard. Each version of the domain requires its own Let’s Encrypt certificate to be installed.

Prerequisites

Domains have specific application and environment associations.

  1. Navigate to the VIP Dashboard for the application that the domain is associated with.
  2. Select the environment that the domain points to (e.g., Production, Develop) from the dropdown located at the upper left of the dashboard.
  3. Select the “Domains” panel option at the left.
  4. A button labeled “Install Certificate” will be displayed to the right of domains that do not yet have a TLS certificate.
  5. Select the “Install Certificate” button to access and select the “Let’s Encrypt” option in the dropdown.
  6. A confirmation message will appear at the bottom of the dashboard screen when the Let’s Encrypt TLS certificate has been installed.
A screenshot of the dropdown that appears after selecting the “Install Certificate” button

Re-install a Let’s Encrypt certificate

The VIP Platform will automatically make attempts to renew a domain’s installed Let’s Encrypt certificate 28 days prior to the certificate’s expiration date.

If a Let’s Encrypt certificate fails to auto-renew, customers can re-install the certificate in the VIP Dashboard.

  1. Navigate to the VIP Dashboard for the application that the domain is associated with.
  2. Select the environment that the domain points to (e.g., Production, Develop) from the dropdown located at the upper left of the dashboard.
  3. Select the “Domains” panel option at the left.
  4. Click on the three dots (“···“) to the right of the domain.
  5. Select the “Re-install Let’s Encrypt” option from the dropdown.
  6. A confirmation message will appear at the bottom of the dashboard screen when the Let’s Encrypt TLS certificate has been re-installed.
A screenshot of the dropdown that appears after selecting the “···” link to the right of a domain

Switch from a Let’s Encrypt certificate to a custom TLS certificate

After a Let’s Encrypt TLS certificate has been provisioned, it is possible to switch to a custom TLS certificate at any time.

  1. Navigate to the VIP Dashboard for the application that the domain is associated with.
  2. Select the environment that the domain points to (e.g., Production, Develop) from the dropdown located at the upper left of the dashboard.
  3. Select the “Domains” panel option at the left.
  4. Select on the three dots (“···“) to the right of the domain.
  5. Select the “Install Custom Certificate” option from the dropdown.
  6. Follow the instructions for installing a custom TLS certificate.

Last updated: January 16, 2023