Auth0 Managed Certificates for Custom Domains

Last Updated: Aug 21, 2024

Overview

This article offers answers to the below questions about the Auth0 Managed Certificates for Custom Domains.

1. How long are the certificates valid?
2. Are the certificates Extended Validation?
3. Are they “wildcard” certs or specific?
4. What is the Root CA and Issuing CA for these Certificates?

Applies To

• Auth0 Managed Certificates
• Custom Domains

Solution

1. How long are the certificates valid?
   The certificate is valid for three months. For more information, refer to Auth0-managed certificates.

2. Are the certificates Extended Validation?
   Auth0 does not issue Extended Validation (EV) certificates; it uses standard Domain-Validated (DV) certificates.

3. Are these wildcard certs or specific?
   The certificates issued by Auth0 are specific to the custom domain they are issued for. They are not wildcard certificates.

4. What is the Root CA and Issuing CA for these Certificates?
   The Root CA is ISRG Root X1, and the Issuer is LetsEncrypt. Read more about it by checking out this document: Introduction of Additional Certificate Authorities.
   To determine the Root CA and Issuing CA of a domain, the below steps should be followed:

   1. Open the website in the web browser.
   2. Click the padlock icon (usually in the address bar) to view the website’s security information.
   3. Click Certificate or Certificate Information to view the website’s SSL/TLS certificate.
   4. Look for the Issuer or Issued By field in the certificate information. This will show the name of the Issuing CA that issued the certificate.
   5. Look for the Root or Root CA field in the certificate information. This will show the name of the Root CA that issued the certificate for the Issuing CA.

Alternatively, online tools like SSL Checker can be used to check a domain’s certificate details, including the Root CA and Issuing CA.