To enable HTTPS for your custom domain, you need to add an SSL certificate from a certificate authority (CA). You can also use these steps to update a certificate that has expired. Learn more in Generating a CSR for a custom domain.
Note:
- Do not use a self-signed certificate or a certificate signed by a CA that is internal to your own organization. Certificates must be signed by a globally trusted CA.
- Minimum encryption of RSA-2048 or ECDSA-256 is required.
- The certificate must be valid.
- You can use wildcard and Subject Alternative Name (SAN) certificates, but they must match the domain name.
- When reimporting a certificate, the key type and size cannot be changed.