Requesting a New VDMS SSL Certificate

Before requesting a new VDMS SSL certificate for your Distil-protected domain, please provide a list of all domains planned to be used with SSL on VDMS in the immediate future to your Distil Sales Account Manager. Once we receive your list of domains, we will proceed through the SSL validation steps outlined below.

NOTE: If you are currently using and intend to continue using a third-party CDN for a domain, there may be additional considerations. Please contact your Sales Account Manager for further information.

SSL Validation

The expected turnaround time to acquire and deploy an SSL cert is five to seven business days. Once you have provided the domain list to your Distil Sales Account Manager, you should expect to receive two authorization challenges, the first (email challenge) will come directly from DigiCert and the second (DNS TXT records) will come from Distil:

  • Email challenge to the WHOIS email contact(s) for your domain(s), and a
  • DNS TXT record challenge

NOTE: We automatically send both authorization methods, you only need to complete the method that is most convenient for you. If you prefer to use DNS validation, then you can ignore the email challenge. We send both validation types in case you do not have access to the email account of the registered WHOIS record.

Email Challenge

  1. DigiCert automatically sends a domain approval email to the WHOIS admin(s).
  2. The admin(s) approve the emailed certificate request.
    NOTE: An admin may choose to either approve all future orders under the domain name(s) (recommended), or approve only the specific host names used in the request (example below).

  3. VDMS deploys your certificate to their network.

If you have any questions, please don't hesitate to contact your sales engineer.

DNS Challenge

  1. For those clients who cannot reply to WHOIS emails, DigiCert offers DNS TXT record validation as an alternative validation method.
  2. Distil provides you with a token to add as a TXT record to your domain's primary authoritative DNS zone.
    NOTE: If you add additional domains, Distil will send a token for each apex domain.
  3. DigiCert validates your domain(s) via DNS and issues your certificate to VDMS.
  4. VDMS deploys your certificate to their network.
  5. Distil updates your Distil CNAME to the new VDMS SSL cluster according on your requested deployment timeline.

If you have any questions, please don't hesitate to contact your sales engineer.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request