Types of Akamai certificates
First of all, you have to check what kind of certificates you are dealing with. To do this, you must
- log in to Akamai and switch to the customer account
- then go to the CPS (Certificate Provisioning System)
- here you should see in the tab "in Progress" the certificate that will expire soon.
Next you need to check what type of certificate it is
In the Certificate Type column you can see which certificate it is.
Here you have the following options:
How to fix DVSAN certificates
A DVSAN certificate is a Let's Encrypt certificate.
If the CNAME points to Akamai, the certificate should be renewed automatically, but it may happen that the certificate cannot be renewed automatically for various reasons and you have to repair it yourself.
Please press the To-Do button here and press "Validate Control Over Domain(s)"
Here you can see which domains have already been validated and which still need to be validated.
There are 3 ways to manually validate a domain for a DVSAN certificate.
- URL Redirect
You'll need to add the following URL redirect (HTTP status code 301 or 302) to the server hosting this domain before the token expiration date listed below. Once Akamai detects the URL redirect is in place, it asks Let's Encrypt to validate the domain. It may take a few hours for Let's Encrypt to automatically validate your domain.
- HTTP Token
You'll need to create a file with a token in it and put the file in the designated folder on your site before the token expiration date listed below. Once Akamai detects the file is in place, it asks Let's Encrypt to validate the domain. It may take a few hours for Let's Encrypt to automatically validate your domain.
- DNS Token
You'll need to add the following TXT record to the DNS configuration of your domain. Adding this TXT record will not impact your website. The procedure for adding records depends on your DNS Service Provider.
How to fix OVSAN certifiactes
How to fix OVWildcard certifiactes
How to fix third-party certifiactes