Access Your Site Over HTTPS
- Applies to:
- All MindTouch Versions
- Role required:
- N/A
HTTPS connections are required for MindTouch sites and integrations.
MindTouch manages all TLS/SSL certificates and no longer requires that they be purchased. The support team will contact you if your current TLS/SSL certificate is expiring in order to upgrade your site to our managed certificate platform.
TLS/SSL considerations
- All MindTouch sites require a TLS/SSL certificate. MindTouch will provide and manage your site's certificate. In the event that a TLS/SSL certificate purchased and managed by your IT department is required, you may provide MindTouch with your custom certificate
- Custom domains: When configuring your MindTouch site with a custom domain (e.g.
help.example.com
), the complimentaryhttps://*.mindtouch.us
domain will redirect to your custom domain - Encryption: MindTouch requires that TLS/SSL certificates be SHA-256 compatible. If supplying your own certificate, please be sure your TLS/SSL certificate is generated with this cryptographic algorithm
- Server type: If TLS/SSL certificate providers ask which type of web server the TLS/SSL needs to be generated for, choose an option for Apache
- HTTPS: To ensure all of your site traffic is secure, once your new domain is in place along with your TLS/SSL certificate, all HTTP traffic is redirected to HTTPS. In addition, all MindTouch site responses contain a strict transport HTTP header ensuring that, for subsequent requests, web browsers skip the HTTP to HTTPS redirect and automatically use HTTPS for all connections to the MindTouch site
TLS/SSL certificate types
The most common TLS/SSL certificates cover a single domain such as help.example.com
.
Subject Alternate Name (SAN) TLS/SSL certificates can contain several domains such as www.example.com
and help.example.com
. SAN certificates are not the same as Wildcard TLS/SSL certificates. Wildcards cover all subdomains (e.g. *.example.com
).