Pipe Ten supports the community goal of https:// (SSL/TLS) by default be provider agnostic by supporting wherever possible the use of both free and commercial SSL certificate authorities. In the simplest terms, protecting a website involves:
Prepare: Configure the hosting and generate an SSL CSR keeping the KEY private.
Purchase: Purchase commercial or generate free SSL certificate / CRT, providing the CSR to authority provider when promoted.
Validate: Prove your domains authenticity and control as prompted by SSL authority provider (typically via email). EV certificates require additional validation steps and documentation.
Apply: Configure load balancer or web server with previously KEY and newly generated CRT, when received from SSL authority provider.
Optimise: Configure website or hosting to redirect to https:// by default, check code/content for absolute references to http:// and replace, verify TLS settings appropriate.
Manage: Securely store CRT, KEY and other CA files should restore be needed, then monitor and renew prior to expiry.
If you understand the process we recommend self-service SSL where Pipe Ten just handles the purchasing and automation of validation at minimal cost.
We also offer an assisted SSL service where our engineers will handle every step of the process on your behalf.
Last modified: 29/03/2019