Skip to main content
MindTouch Success Center

Access your site over HTTPS

HTTPS connections are required for MindTouch sites and integrations.

TLS/SSL considerations

  • All MindTouch sites require a TLS/SSL certificate - add TLS/SSL certification to your MindTouch site.
     
  • Custom domains: When configuring your MindTouch site with a custom domain (e.g. help.example.com) and an TLS/SSL certificate for your custom domain, the complimentary https://*.mindtouch.us domain will no longer redirect to your custom domain.
     
  • Encryption: MindTouch requires that TLS/SSL certificates be SHA-256 compatible. Please be sure your TLS/SSL certificate is generated with this cryptographic algorithm.
     
  • Server type: If TLS/SSL certificate providers ask which type of web server the TLS/SSL needs to be generated for, choose an option for Apache.
     
  • HTTPS: To ensure all of your site traffic is secure, once your new domain is in place along with your TLS/SSL certificate, all HTTP traffic is redirected to HTTPS. In addition, all MindTouch site responses contain a strict transport HTTP header ensuring that, for subsequent requests, web browsers skip the HTTP to HTTPS redirect and automatically use HTTPS for all connections to the MindTouch site.

TLS/SSL certificate types

The most common TLS/SSL certificates covers a single domain such as www.example.com.

Subject Alternate Name (SAN) TLS/SSL certificates can contain several domains such as www.example.com and help.example.com. SAN certificates are not the same as Wildcard TLS/SSL certificates. Wildcards cover all subdomains (e.g. *.example.com).

If you are using MindTouch for Salesforce integrations, a specific Subject Alternate Name (SAN) SSL certificate is required. 

  • Was this article helpful?