Activate domain locking

PUT
https://www.digicert.com/services/v2/domain/{{domain_id}}/activate-domain-locking

Use this endpoint to activate domain locking for a given domain. Domain locking prevents users in other CertCentral accounts from requesting certificates for the domain.

Prerequisites

To lock a domain, you must enable domain locking in your CertCentral account. See Domain locking – Enable domain locking for your account.

Finish protecting your domain

When you activate domain locking, the domain's lock status (domain_locking_status) becomes pending. To finish protecting your domain, you must:

  1. Place the account token on the DNS CAA resource record for the domain (see Domain locking – Locking a domain, step 6). To get the account token (account_token), use the Domain info API.
  2. Check the CAA record for the domain by submitting a request to the Check CAA (domain lock) endpoint.
  3. If the information on the CAA record is correct, the domain's lock status becomes enabled, and the domain is locked.

Example requests and responses

cURL
curl -X PUT \
  'https://www.digicert.com/services/v2/domain/{{domain_id}}/activate-domain-locking' \
  -H 'Content-Type: application/json' \
  -H 'X-DC-DEVKEY: {{api_key}}'
204 No Content
// No Content

Path parameters

Name Req/Opt Description
domain_id required Domain ID.