You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/renew-certificates.mdx
+13-5Lines changed: 13 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -11,20 +11,28 @@ head:
11
11
12
12
import { Render } from"~/components"
13
13
14
-
The exact method for certificate renewal depends on whether that hostname is proxying traffic through Cloudflare and whether it is a wildcard certificate.
14
+
The exact method for certificate renewal depends on whether that hostname is active[^1] and whether it is a wildcard certificate.
15
15
16
16
Custom hostnames certificates have a 90-day validity period and are available for renewal 30 days before their expiration.
17
17
18
18
## Non-wildcard hostnames
19
19
20
-
If you are using a non-wildcard hostname and proxying traffic through Cloudflare, Cloudflare will try to perform DCV automatically on the hostname’s behalf by serving the [HTTP token](/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/http/).
20
+
If you are using a non-wildcard hostname and the hostname is active, Cloudflare will try to perform DCV automatically on the hostname's behalf by serving the [HTTP token](/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/http/).
21
21
22
-
If the custom hostname is not proxying traffic through Cloudflare, then the custom hostname domain owner will need to add the TXT or HTTP DCV token for the new certificate to validate and issue. As the SaaS provider, you will be responsible for sharing this token with the custom hostname domain owner.
22
+
If the custom hostname is not active, then the custom hostname domain owner will need to add the TXT or HTTP DCV token for the new certificate to validate and issue. As the SaaS provider, you will be responsible for sharing this token with the custom hostname domain owner.
23
23
24
24
## Wildcard hostnames
25
25
26
-
<Renderfile="txt-validation_preamble" /> <br/>
26
+
With wildcard hostnames, you cannot use HTTP. In this case, you will have to use TXT DCV tokens.
27
27
28
-
<Renderfile="update-dcv-method" /> <br/>
28
+
<Renderfile="txt-validation_preamble" />
29
+
30
+
<Renderfile="update-dcv-method" />
29
31
30
32
After this step, follow the normal steps for [TXT validation](/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/txt/).
33
+
34
+
:::note
35
+
To allow Cloudflare to auto-renew all future certificate orders, consider [DCV delegation](/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/delegated-dcv/).
36
+
:::
37
+
38
+
[^1]: Meaning Cloudflare could verify your customer's ownership of the hostname and the [hostname status](/cloudflare-for-platforms/cloudflare-for-saas/domain-support/hostname-validation/validation-status/) is active.
0 commit comments