A generated custom TLS certificate must meet all of the following requirements in order to be successfully installed:
- Certificates must include both “www” and the root version of a hostname, so a SAN or wildcard certificate is recommended.
- The maximum certificate length that can be accepted by VIP is 398 days.
- Certificates must be in PEM format.
- The certificate chain must include one or more trusted certificates (also known as “Intermediate certificates“) provided by a Certificate Authority (CA).
- Trusted certificates are publicly available. If a trusted certificate is missing from a certificate chain, it can be retrieved from online tools such as KeyCDN.
- A custom TLS certificate can be generated and installed before the DNS for a domain is pointed to VIP.
Last updated: December 23, 2023