Email warning me my SSL certificate is due to expire

I got an email from Apple Developer (developer@email.apple.com) saying "The domain for your website that uses Apple Pay has an SSL Certificate that's due to expire"... and "To ensure uninterrupted use of Apple Pay on your website, revalidate your domain by " the date the certificate was scheduled to expire.


My SSL certificate has been updated but I see nowhere in the developer portal to "revalidate your domain". Any advice here? I use Braintree for the payment processing and they indicate it's nothing that they would control.


Any suggestions?


Thanks,

Gerry

Post not yet marked as solved Up vote post of GerryH Down vote post of GerryH
13k views
Posted by
GerryH
Reply
Add a Comment

Replies

Any news on that ? I have the exact same issue. I keep receiving this email even though the website has a new certificate.

Posted by
HopTech
Up vote reply of HopTech Down vote reply of HopTech
Add a Comment

I'm getting the same emails from apple, even though my domain certificate does not expire at the date they say it does. Anyone have any information about this?

Posted by
dgoodman
Up vote reply of dgoodman Down vote reply of dgoodman
Add a Comment

Guys, have you managed to revalidate domain somehow? I keep receiving same notification, but there's no option to revalidate under Certificates, Identifiers & Profiles.

Posted by
st3fek
Up vote reply of st3fek Down vote reply of st3fek
Add a Comment

Got the same email. does it get automatically re-verified?

Posted by
Haitao X
Up vote reply of Haitao X Down vote reply of Haitao X
Add a Comment

here is the steps to verify again :

https://developer.apple.com/library/archive/ApplePay_Guide/Configuration.html#//apple_ref/doc/uid/TP40014764-CH2

Posted by
Sarimin
Up vote reply of Sarimin Down vote reply of Sarimin
Add a Comment
If anyone is still struggling with this issue, here's the steps to re-verify your domain:

  1. Login to your developer account and click "Certificates, Identifiers & Profiles"

  2. Click "Identifiers" from the sidebar

  3. At the top right of the screen, next to the search icon, it'll probably say "App IDs," click it to reveal the dropdown menu.

  4. Select "Merchant IDs" from the dropdown menu and the list should update with your payment identifiers

  5. Click on the identifier you need to re-verify

  6. You'll see your "Merchant Domains" listed under "Apply Pay Payment Processing on the Web." Click the "Verify" button.

  7. You'll need to download and then upload the new "apple-developer-merchantid-domain-association.txt" to the ".well-known/" directory on your server.

  8. One you do, click "Continue" and your domain should be re-verified.

Hope this helps!

Posted by
sketch_ryan
Post not yet marked as solved Up vote reply of sketch_ryan Down vote reply of sketch_ryan

  • Hi Ryan,

    Could you help me in generating 'apple-developer-merchantid-domain-association.txt' file.

    Right now, I have few merchat Domain to verify in my Apple Account.(as they are going to expire soon)

    Will it generate 'apple-developer-merchantid-domain-association.txt' file automatically once I tap "Verify" button.

    Thanks in Advance.

    iOSSprinter
Add a Comment

My SSL certificate has been updated but I see nowhere in the developer portal to "revalidate your domain". Any advice here?

From the Renew Your Domain Verification documentation; If you update the SSL certificate before it expires, Apple detects the renewed certificate and the domain remains verified. No further action is required on your part.


Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
Posted by
meaton
Post not yet marked as solved Up vote reply of meaton Down vote reply of meaton

  • This is the correct answer

    xuyun
Add a Comment
Same issue here - apple does not detected changed/updated ssl certs after successful initial verification.
As I understand from the documentation, it should be enough to just replace the certs on the site with new ones and apple should detect the new certs and automatically revalidate the domain - it just never happens..
If I manually revalidate the domain (that means, download the new validation "key" and make it accessible on our webserver to apple) it instantly succeeds.
It really seems that the automatic revalidation process ist broken..
Posted by
YouPlant
Up vote reply of YouPlant Down vote reply of YouPlant
Add a Comment

Hi meaton,

I don't think this is working as you wrote. On one of my sites, the SSL certificate has been automatically renewed before it expired and the domain was not automatically validated by Apple...I had to do it manually by generating and uploading again the domain verification file. What could be the problem there? Thank you.

Posted by
neo_busteni
Up vote reply of neo_busteni Down vote reply of neo_busteni
Add a Comment

Apple please fix this!

Posted by
mdacne
Up vote reply of mdacne Down vote reply of mdacne
Add a Comment