Distil is capable of providing a certificate on your behalf for establishing HTTPS traffic. We acquire and manage certificates from Let's Encrypt. This option saves you the time and cost of acquiring and managing your own SSL certificates. Using a Let’s Encrypt certificate managed by Distil is different than providing your own SSL certificate.
If you provide your own certificate:
- You handle the certificate generation and renewals
- You send us the certificate and then we add it to our routers
- You maintain control of the certificate and it’s your responsibility to keep it up to date and send us the new certificate after you renew it
In rare scenarios, such as requiring wildcard certificates or email vetting for domains, Distil is able to offer GlobalSign certificates instead of Let’s Encrypt. These are more expensive than Let’s Encrypt and take longer to generate, but we are able to accommodate customers when such a need arises. For more information, please contact support.
To use Distil's certificate via Let's Encrypt, provide your list of domains to us.
NOTE: Please make sure that you are in control of the domain or the certificate cannot be created. Please provide the following domain information:
- The primary domain (CNAME) for the certificate. This is a single domain for which the certificate is registered.
- The alternate names for the certificate.
Examples: www.example.com, test.example.com, www.test.example.com, anotherexample.com
Once this information is provided, Distil responds with authentication tokens for each domain. Add these as DNS TXT records for each domain. Once they’re in place, we generate the certificate. The entire process is very quick and can be completed in a matter of minutes.