Skip to main content

Activate domain locking

PUT https://www.digicert.com/services/v2/domain/{{domain_id}}/activate-domain-locking

Use this endpoint to activate domain locking for a given domain. Domain locking prevents users in other CertCentral accounts from requesting certificates for the domain.

Prerequisites

To use lock a domain, you must enable domain locking in your CertCentral account. See Domain locking – Enable domain locking for your account.

Finish protecting your domain

When you activate domain locking, the domain's lock status (domain_locking_status) becomes pending. To finish protecting your domain, you must:

  1. Place the account token on the DNS CAA resource record for the domain (see Domain locking – Locking a domain, step 6). To get the account token (account_token), use the Domain info API.

  2. Check the CAA record for the domain by submitting a request to the Check CAA (domain lock) endpoint.

  3. If the information on the CAA record is correct, the domain's lock status becomes enabled, and the domain is locked.

Example requests and responses

Path parameters

Name

Req/Opt

Description

domain_id

required

Domain ID.