Certificates statuses show which stage of the issuance process each certificate is in.
- Pending Validation
- Pending Issuance
- Pending Deployment
Once you issue a certificate, it should be in Pending Validation, but change to Active after the validation is completed. If you see any errors, you or your customer may need to take additional actions to validate the certificate.
If you deactivate a certificate, it will become a Deactivating and then an Inactive status.
When your zone becomes active, your custom certificate will deploy automatically (also moving to an Active status).
If your zone is already active when you upload a custom certificate, you will not see this status.
- Staging deployment: Similar to Pending Deployment, but for staging certificates.
- Staging active: Similar to Active, but for staging certificates.
- Deactivating: Your staging certificate is in the process of becoming Inactive.
- Inactive: Your staging certificate is not at the edge, but you can deploy it if needed.
- Active: The client certificate is active.
- Revoked: The client certificate is revoked.
- Pending Reactivation: The client certificate was revoked, but it is being restored.
- Pending Revocation: The client certificate was active, but it is being revoked.
Monitor certificate statuses
SSL for SaaS
Via the command line
$ openssl s_client -servername app.example.com -connect $CNAME_TARGET:443 </dev/null 2>/dev/null | openssl x509 -noout -text | grep app.example.com