Skip to content

Custom TLS certificate requirements

A generated custom TLS certificate must meet all of the following requirements in order to be successfully installed:

  • Certificates must include both “www” and the root version of a hostname, so a SAN or wildcard certificate is recommended.
  • The maximum certificate length that can be accepted by VIP is 398 days.
  • Certificates must be in PEM format.
  • The certificate chain must include one or more trusted certificates (also known as “Intermediate certificates“) provided by a Certificate Authority (CA).
  • Trusted certificates are publicly available. If a trusted certificate is missing from a certificate chain, it can be retrieved from online tools such as KeyCDN.
  • A custom TLS certificate can be generated and installed before a domain has been verified and before the DNS for a domain is pointed to VIP.

Last updated: February 27, 2024

Relevant to

  • Node.js
  • WordPress