Renew a custom TLS certificate
Custom TLS certificates that are installed for a domain should be renewed by the customer prior to their expiration date. The expiration date for a domain’s TLS certificate is displayed in the column labeled “Certificates” in the Domains & TLS panel of the VIP Dashboard.
- The new TLS certificate must be procured from the customer’s certificate authority, and it can be installed within the Domains & TLS panel.
- Generating a new CSR for the updated TLS certificate is not required, but for heightened security it is recommended.
Prerequisite
- Installing a TLS certificate for a domain in the VIP Dashboard requires a user to have at minimum an Org member role or an App write role for that application.
- In order to successfully install a generated custom TLS certificate, it must meet all of the requirements.
Access the custom certificate installer
- Navigate to the VIP Dashboard for the application that the domain is associated with.
- Select the environment that the domain points to (e.g., Production, Develop) from the dropdown located at the upper left of the dashboard.
- Select “Domains & TLS” from the sidebar navigation at the left of the screen.
- Select the three dots (“···“) to the right of the domain for which the custom TLS certificate applies.
- Select the option “Install Custom Certificate” from the dropdown.
- Select the button labeled “Renew Certificate” displayed in “Step 5 of 5” of the previously installed certificate. The custom certificate installer will return to an earlier step in the installation process for the domain. An option to generate a new CSR for a certificate renewal will be available for custom TLS certificates that use a VIP CSR.
- Follow the prompts to complete the installation process for the renewed certificate provided by the certificate authority.
The previously installed TLS certificate will remain active until all 5 steps have been completed for the updated certificate installation.
Last updated: December 22, 2023