Vue Storefront is now Alokai! Learn More
Custom Domains

Custom Domains

The documentation only applies to instances deployed on Alokai@Edge.

Custom domains allow you to expose your Storefront through your own domain and configure TLS using either an Alokai-managed certificate or a self-managed certificate.

General behavior

  • The Default domain is enabled by default.
  • The Default domain can be disabled only if at least one Custom Domain is added.
  • Custom domains are not enabled or disabled individually — they are added or removed.
  • Each domain must be associated with a certificate.

Choose certificate type

Before adding a domain, decide who manages the certificate.

Use Managed by Alokai if:

  • You want automatic certificate issuance and renewal.
  • You do not want to upload or rotate certificates manually.
  • You prefer DNS-based ownership verification.

This option requires domain ownership verification and DNS configuration before activation.

Use Self-managed certificate if:

  • You already manage certificates externally.
  • You require a specific CA or certificate policy.
  • You use wildcard or multi-domain certificates centrally.

This option requires a valid certificate uploaded at the organization level.

Managed by Alokai

Alokai provisions and manages the TLS certificate.

After adding the domain, ownership must be verified via DNS before the certificate can be issued. The following ACME validation methods are supported:

  1. ACME DNS challenge
  2. ACME HTTP challenge / CNAME record
  3. ACME HTTP challenge / A records (IPv4)

ACME DNS challenge

When to use

  • You have full control over DNS.
  • You prefer DNS-based validation.
  • You want verification independent of traffic routing.
  • You do not want to route traffic through Fastly before validation.

Configuration

Create a CNAME record for _acme-challenge.<domain> pointing to the validation host provided by the Alokai Console.

Additional information

  • This method validates ownership through DNS only.
  • It does not require the domain to resolve to Fastly before verification.
  • Often the most stable option in complex DNS environments.

ACME HTTP challenge / CNAME record

When to use

  • You prefer CNAME-based domain configuration.
  • Your DNS provider supports CNAME records at the required level.
  • You are using standard Fastly routing.

Configuration

Configure the domain as a CNAME pointing to the Fastly hostname provided by the Alokai Console.

Additional information

  • Validation occurs over HTTP.
  • The domain must resolve correctly to Fastly for verification to succeed.
  • Suitable for most standard production setups.

ACME HTTP challenge / A records (IPv4)

When to use

  • Your DNS provider does not allow CNAME records.
  • You are required to use A records.
  • You need direct IPv4 mapping.

Configuration

Create A records pointing to the IPv4 addresses provided by the Alokai Console.

Additional information

  • AAAA (IPv6) records are not supported with this method.
  • Validation occurs over HTTP.
  • Requires correct DNS propagation before verification completes.

Self-managed certificate

You provide and manage your own TLS certificate.

Requirements

  • The certificate must already be uploaded on the Certificates page (organization level).
  • The certificate must be valid and not expired.

During domain assignment, the system validates the domain against the certificate’s SAN list. Only exact matches or valid wildcard coverage are accepted. If validation fails, the domain cannot be added.

Additional information

  • No ACME verification is required.
  • The certificate assigned to a domain can be changed later.