> ## Documentation Index
> Fetch the complete documentation index at: https://docs.searchcompany.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> Technical overview of the Complete Certificate endpoint

# POST /api/domain/complete-certificate/{org_id}

Completes the Let's Encrypt certificate request after the user has added the TXT record. This is Step 2 of the SSL flow.

## Purpose

This endpoint:

1. Validates the DNS challenge with Let's Encrypt
2. Issues the SSL certificate
3. Imports the certificate to AWS ACM
4. Attaches the certificate to CloudFront

## Architecture

```mermaid theme={null}
flowchart TD
    A[Frontend Request] --> B[Complete Certificate Endpoint]
    B --> C[DNS Precheck]
    C --> D[Complete ACME Challenge]
    D --> E[Let's Encrypt API]
    E --> F[Issue Certificate]
    F --> G[Import to ACM]
    G --> H[Attach to CloudFront]
    H --> I[Update Database]
    I --> J[Return Success]
```

## Internal Services

### complete\_certificate\_request

Responds to the ACME challenge and retrieves the issued certificate.

**Location:** `src/app/apis/domain/shared/letsencrypt/certificate_service.py`

### attach\_certificate\_to\_cloudfront

Updates the CloudFront distribution to use the new SSL certificate.

**Location:** `src/app/apis/domain/shared/letsencrypt/certificate_service.py`

## DNS Precheck

Before attempting the ACME challenge, the endpoint performs a best-effort DNS lookup against:

* Cloudflare DNS (1.1.1.1)
* Google DNS (8.8.8.8)

This helps catch DNS propagation issues early.

## Response Fields

| Field             | Type   | Description                   |
| ----------------- | ------ | ----------------------------- |
| `status`          | string | "success" or error            |
| `proxy_status`    | string | Updated to "SSL\_VALIDATED"   |
| `certificate_arn` | string | ACM certificate ARN           |
| `message`         | string | Human-readable status message |

## Code Location

```
src/app/apis/domain/complete_certificate/routes.py
```
