Renew a DV certificate

Before you begin

When it is time to renew the certificate for your DV certificate, CPS generates a new certificate signing request (CSR) and sends it to Let's Encrypt for signing. Let's Encrypt sends back the challenges for the domains listed on your certificate. If you already set up the original certificate by redirecting your traffic to ‚ÄčAkamai‚Äč, or by modifying your DNS record to CNAME the domains listed in your certificate to ‚ÄčAkamai‚Äč, the certificate automatically renews and deploys. It is important to always keep the domains in your certificate CNAMEd to ‚ÄčAkamai‚Äč.

If you did not redirect your traffic to ‚ÄčAkamai‚Äč or modify your DNS record, validate the domains for the certificate you want to renew.

How to

To validate the domains:

  1. Find the certificate that is in the automatic renewal process on the CPS home page.

  2. Click the To-Do icon in the Submitting to CA column of the landing page and select View Validation Instructions from the status message.

    The Validate Domain Control screen appears with all the domains listed on your DV certificates and the status of each.

  3. If any of the domains have the status Waiting on User, CPS does not detect that on your web server you redirected the traffic for that domain or URL to ‚ÄčAkamai‚Äč. Go and do this now.

    If you need instructions on how to place redirected in web server files, see View validation instructions.

  4. Click Test All Redirects.

    1. If you set up all the redirects properly, you get a success message.
    2. Click Done, or Edit Deployment Settings if you want to edit the deployment settings for this certificate.

    For more information on editing deployment settings, see View and edit network deployment settings.

  5. These instructions inform you what URL you should point each domain to when you redirect your traffic.

    You must redirect each domain to a different URL.

Next steps

If your certificate does not deploy within a few hours, see View validation instructions.