[CF4SaaS] More details on CH validation and PATCH request (#19791)

* Replace links by DirectoryListing and add note on external CDN

* Add refresh validation option to status page

* Update instructions following PM review

* Call out need for ssl object even if for refresh or CA update

Author: RebeccaTamachiro

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/index.mdx

@@ -6,14 +6,12 @@ sidebar:
 
 ---
 
+import { DirectoryListing } from "~/components";
+
 Before Cloudflare can proxy traffic through a custom hostname, we need to verify your customer's ownership of that hostname.
 
 :::note
-
-
 If a custom hostname is already on Cloudflare, using the [pre-validation methods](/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/pre-validation/) will not shift the traffic to the SaaS zone. That will only happen once the [DNS target](/cloudflare-for-platforms/cloudflare-for-saas/start/getting-started/#3-have-customer-create-cname-record) of the custom hostnames changes to point to the SaaS zone.
-
-
 :::
 
 ## Options
@@ -22,7 +20,10 @@ If minimizing downtime is more important to you, refer to our [pre-validation me
 
 If ease of use for your customers is more important, review our [real-time validation methods](/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/realtime-validation/).
 
-## Other resources
+## Limitations
+
+Custom hostnames using another CDN are not compatible with Cloudflare for SaaS. Since Cloudflare must be able to validate your customer's ownership of the hostname you add, if their usage of another CDN obfuscates their DNS records, hostname validation will fail.
+
+## Related resources
 
-* [Hostname validation statuses](/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/validation-status/)
-* [Error codes](/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/error-codes/)
+<DirectoryListing />

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/validation-status.mdx

@@ -19,3 +19,9 @@ When you [validate a custom hostname](/cloudflare-for-platforms/cloudflare-for-s
 | Blocked             | Custom hostname cannot be added to Cloudflare at this time. Custom hostname was likely associated with Cloudflare previously and flagged for abuse.<br/><br/>If you are an Enterprise customer, contact your Customer Success Manager. Otherwise, email `[email protected]` with the name of the web property and a detailed explanation of your association with this web property. |
 | Moved               | Custom hostname is not active after **Pending** for the entirety of the [Validation Backoff Schedule](/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/backoff-schedule/) or it no longer points to the fallback origin.                                                                                                                                     |
 | Deleted             | Custom hostname was deleted from the zone. Occurs when status is **Moved** for more than seven days.                                                                                                                                                                                                                                                                                         |
+
+## Refresh validation
+
+To run the custom hostname validation check again, select **Refresh** on the dashboard or send a `PATCH` request to the [Edit custom hostname endpoint](/api/resources/custom_hostnames/methods/edit/). If using the API, make sure that the `--data` field contains an `ssl` object with the same `method` and `type` as the original request.
+
+If the hostname is in a **Moved** or **Deleted** state, the refresh will set the custom hostname back to **Pending validation**.

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/reference/troubleshooting.mdx

@@ -106,7 +106,7 @@ Consider the following solutions:
 
     </Details>
 
-- Use the [Edit Custom Hostname](/api/resources/custom_hostnames/methods/edit/) endpoint to set the `certificate_authority` parameter to `google`: this sets Google Trust Services as the CA for your custom hostnames.
+- Use the [Edit Custom Hostname](/api/resources/custom_hostnames/methods/edit/) endpoint to set the `certificate_authority` parameter to `google`: this sets Google Trust Services as the CA for your custom hostnames. In your API call, make sure to also include `method` and `type` in the `ssl` object.
 - If you are using a custom certificate for your custom hostname, refer to the [custom certificates troubleshooting](/ssl/edge-certificates/custom-certificates/troubleshooting/#lets-encrypt-chain-update).
 
 ## Custom hostname fails to verify because the zone is held

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/troubleshooting.mdx

@@ -51,13 +51,14 @@ If a certificate issuance times out, the error message will indicate where the t
 * Timed Out (Deployment)
 * Timed Out (Deletion)
 
-To fix this error, send a [PATCH request](/api/resources/custom_hostnames/methods/edit/) through the API or select **Refresh** for the specific custom hostname in the dashboard. Please make sure that the `--data` field is not empty in your request.
+To fix this error, send a [PATCH request](/api/resources/custom_hostnames/methods/edit/) through the API or select **Refresh** for the specific custom hostname in the dashboard. If using the API, make sure that the `--data` field contains an `ssl` object with the same `method` and `type` as the original request.
+
 If these return an error, delete and recreate the custom hostname.
 
 ***
 
 ## Immediate validation checks
 
-You can send a [PATCH request](/api/resources/custom_hostnames/methods/edit/) to request an immediate validation check on any certificate. The PATCH data only needs include the same `ssl` object as the original request.
+You can send a [PATCH request](/api/resources/custom_hostnames/methods/edit/) to request an immediate validation check on any certificate. The PATCH data should include the same `ssl` object as the original request.
 
 ***