Feb 11, 2025

Atlas Domain Management FAQs

Atlas Domain Management enables users to view and manage all domains associated with their Atlas identities and is a critical piece of Certificate Lifecycle Management. Through the Atlas portal, you can request validation for new domains, delete existing domains, or renew domains before they expire.

Your domains will be added to containers called 'identity profiles'. Certificates issued to those domains will include identity information from the associated profile.

Prerequisites

Before you can prove control of a domain, you must have trial or purchased service on your Atlas account, and at least one validated identity. For more information about our TLS service offerings, please reach out to our sales department.

When verifying a domain, you will receive an authorization token or an emailed verification link, depending on the verification method you choose. Tokens are valid for 30 days and can be reissued if you are unable to complete domain validation before the token expiration date.

How do I request a domain?

1. After you have purchased a service and have a verified identity, from the Dashboard, click on 'Certificates' and then click on 'Domains'.
2. Click on 'New Domain', then select the identity you wish to add the domain to.
   Note: Only TLS-service identities can use Atlas Domain Management.
3. Enter the 'Domain name' the fully qualified domain name (FQDN)  of the domain you wish to verify. Click Save and continue.
4. That domain is ready for verification and you will have 30 days to verify it by clicking 'Verify my domain' or 'Verify later'.

How do I verify a domain?

Once you have submitted a domain claim, a domain verification code (DVC) will be generated for you to use to prove control of your domain. This code is good for 30 days and can be renewed when it expires.

1. After you submit a domain claim in the previous section, you can immediately click View and verify this domain, or click Domains on the left menu, select the identity profile associated with the domain, and then click Manage domains. 
   
   OR 
   
   If you select Verify Later then click Domains on the left menu, select the domain you wish to verify, then click Verify this domain.
2. A modal window  will display with different domain validation methods: DNS TXT, HTTP, and Email. Select the one you want to use and follow the prompts to validate your domain with that method.
3. Once you have made the appropriate configurations, click Verify the domain. It may take several minutes for Atlas to show the expiration date.

How do I reset my domain verification code (DVC)?

A DVC is generated when you first submit a claim to prove control of a domain. The DVC is good for 30 days and can be reset if you do not complete domain verification before its expiration.

1. Click Domains on the left menu, select the domain requiring a DVC reset, then click Reset DVC on the right side of the screen.
2. This new DVC will be used when you start the verification process.

How do I delete a domain?

You can delete a domain when it is pending verification or active. 

1. Click Domains on the left menu, then select the domain you wish to delete.
2. Then, on the right side of the screen, click Delete domain. 

What is the difference between Expiration Date and Verify Before Date?

Expiration Date indicates your verified domain validity (if no expiration date for the domain, it means that it has not been verified), while Verify Before Date indicates that pending verification to be done.

Where can I see which domain verification method used?

1. Click Domains on the left menu.
2. The Domain has the column name ‘Last verification Method’ which indicates method used to verify the domain.
3. If you select the domain, on the right side of the screen, you would see the ‘Domain Verification History’. 

What happens when my domain expires?

TLS domains are typically valid for 13 months; when a domain expires, you cannot issue Certificates for that domain and must revalidate.

What to do if I receive the error message: "DNS domain validation error: "status": "ERROR","description": "read tcp (ip-address)->(ip-address): i/o timeout","timestamp": 1697487367,"method": "DNS"}"?

If you encounter a timeout or SERVFAIL results when performing a DNS verification, it might be due to a geographic block or IP restriction.
Please have your IT technician review your policies regarding the implementation of regional geographic or IP restrictions.
Note: SERVFAIL may also be a symptom of a DNSSEC validation chain error.