Pipe Ten supports the community goal of https:// (SSL/TLS) by default and being provider agnostic by supporting wherever possible the use of both free and commercial SSL certificate authorities. In the simplest terms, protecting a website involves:
Prepare: Configure the hosting and generate an SSL CSR keeping the KEY private.
Purchase: Purchase commercial or generate free SSL certificate / CRT, providing the CSR to authority provider when promoted.
Validate: Prove your domain’s authenticity and control as prompted by an SSL authority provider which is typically via email, DNS or http (EV certificates require additional validation steps and documentation).
Apply: Configuring a load balancer or web server with previously KEY and newly generated CRT, when received from the SSL authority provider.
Optimise: Configure the website or hosting to redirect to https:// by default, checking code and content for absolute references to http:// and replace, verifying TLS settings are appropriate.
Manage: Securely store CRT, KEY and other CA files should restore be needed, then monitor and renew prior to expiry.
If you understand the process we recommend self-service SSL where Pipe Ten just handles the purchasing and automation of validation at minimal cost, however we also offer an assisted SSL service where our engineers will handle every step of the signing and installation process on your behalf.
Classification: Public
Last saved: 2023/05/23 at 11:30 by Gavin Kimpton