Will non-wildcard custom hostname's SSL be auto renewed when the SaaS customer does not set the DCV?
Like the title, to lessen the configuration that a user needs to be added to their DNS, after creating the custom hostname and the user has already added their ACME challenge TXT record and CNAME to the SaaS domain, is it mandatory for the user to add the DCV record into their DNS to make the SSL will be automatically reissued?
4 Replies
Support AI
According to the documentation, no, it is not mandatory for the user to add the DCV record into their DNS to make the SSL automatically reissued.
As stated in the documentation (https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/delegated-dcv/), "Once this is complete, Cloudflare will place two TXT DCV records - one for
example.com and one for *.example.com - at the example.com.<COPIED_HOSTNAME> hostname." This implies that Cloudflare will handle the DCV record creation after the user has set up the CNAME record.
However, it is essential to note that the CNAME record needs to stay in place to allow Cloudflare to continue placing the records for renewals.Sources
Feedback
Feedback has been submitted! Thank you :)
This is an AI generated response, it may not be 100% accurate. Please validate the output. You can ask followups by replying to this message or mentioning me.
in which case does the user need to add a DCV record to their DNS to make the SSL automatically reissue?
@Helpflare in which case does the user need to add a DCV record to their DNS to make the SSL automatically reissue?
DNS over Discord: A records
haivq.com. A @8.8.8.8 +noall +answer
diggy diggy hole
DNS over Discord: A records
haivq.com A @1.1.1.3 +noall +answer
diggy diggy hole