The DCV button will ONLY be present on a domain which expires within 30 days OR on a newly entered domain. This means if the customer has a domain 31 days from its DCV Expiration, the customer will need to wait another day to renew the DCV record.
This happens due to the number of domain records (yes, everything in the domains tab for EVERY customer is included) that CCM needs to parse through every 4-5h. We or customers can force one or more DCV records to auto-update when at the time of pasting/uploading a CSR.
Workaround
Please note: Current production versions of OpenSSL do not yet support -addext "subjectAltName = DNS:foo.co.uk" so one must use Java's keytool (from JRE/JDK 7+)
Examples
For a single domain:
USE ssltool.com to generate a CSR for the single domain that is needed.
OR
openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr -subj "/C=GB/ST=Yorks/L=York/O=MyCompany Ltd./OU=IT/CN=mysubdomain.mydomain.com" |
For multiple domains:
Create the keystore FIRST
keytool keytool -genkey -keyalg RSA -keysize 2048 -dname "CN=www.domain.com, O=Default, C=US" -keystore domain.keystore -ext san=dns:myDomain2.com,dns:myCoolDomain.com |
Generate the CSR (note: specifying the -ext items again)
keytool -certreq -keyalg RSA - file domain.csr -keystore domain.keystore -ext san=dns:myDomain2.com,dns:myCoolDomain.com |