Renew a custom TLS certificate

Custom TLS certificates that are installed for a domain should be renewed by the customer prior to their expiration date. The expiration date for a domain’s TLS certificate is displayed in the column labeled “Certificates” in the Domains & TLS panel of the VIP Dashboard.

• The new TLS certificate must be procured from the customer’s certificate authority, and it can be installed within the Domains & TLS panel.
• Generating a new CSR for the updated TLS certificate is not required, but for heightened security it is recommended.

Access the custom certificate installer

1. Navigate to the VIP Dashboard for the application that the domain is associated with.
2. Select the environment that the domain points to (e.g., Production, Develop) from the dropdown located at the upper left of the dashboard.
3. Select “Domains & TLS” from the sidebar navigation at the left of the screen.
4. Select the three dots (“···“) to the right of the domain for which the custom TLS certificate applies.
5. Select the option “Install Custom Certificate” from the dropdown.
6. Select the button labeled “Renew Certificate” displayed in “Step 5 of 5” of the previously installed certificate. The custom certificate installer will return to an earlier step in the installation process for the domain. An option to generate a new CSR for a certificate renewal will be available for custom TLS certificates that use a VIP CSR.
7. Follow the prompts to complete the installation process for the renewed certificate provided by the certificate authority.

The previously installed TLS certificate will remain active until all 5 steps have been completed for the updated certificate installation.