MindTouch manages all TLS/SSL certificates and no longer requires that they be purchased. The support team will contact you if your current TLS/SSL certificate is expiring in order to upgrade your site to our managed certificate platform. This article provides guidance if a certificate purchased and managed by your IT department is required.
Be sure to read about additional considerations for accessing your site over HTTPS.
Get a certificate signing request from MindTouch
Before you can purchase a certificate, MindTouch needs to generate a Certificate Signing Request (CSR) so you can obtain a certificate that is guaranteed to work with our servers. To generate the CSR, provide MindTouch Support with the following information:
- Country where your company is headquartered (e.g. "US")
- Region (e.g. State, County, Province) where your company is headquartered (e.g. "California")
- Town or city where your company is headquartered (e.g. "San Diego")
- Business or organization name (e.g. "ACME Corp.")
- Department name (e.g. "Documentation Team")
- Valid email address
- Domain names to associate with MindTouch (e.g. "help.example.com", "f1.help.example.com")
Obtain a TLS/SSL certificate
Once you have obtained a CSR from MindTouch Support, you need to provide the request to a TLS/SSL certificate vendor to purchase your TLS/SSL certificate. There are many TLS/SSL certificate vendors on the market that you can choose from. We recommend checking with your existing web hosting provider before using another third-party certificate authority.
Once you have purchased a TLS/SSL certificate, provide the following items to MindTouch Support:
- TLS/SSL certificate
- Certificate Authority (CA) bundle or intermediary certificates
Once the TLS/SSL certificate and associated files are in place, MindTouch Support will coordinate the final steps to enable HTTPS on your site.
Coordinate the domain name service change
Before your site starts using the TLS/SSL certificate, you will need to coordinate a domain name service (DNS) change with your web or network administrator. This DNS change requires a
recordbe pointed to
LB here stands for "load balancer".
To minimize downtime associated with the DNS change, please contact MindTouch Support to coordinate the change, as a corresponding change will need to be made by a MindTouch employee to finalize the process. Prior to this process, we recommend you work with your web or network administrator to lower your DNS TTL (time to live) value as low as your DNS host will allow. This will help minimize additional delays associated with the DNS change. After the DNS change, you can then increase your TTL value as needed.
To ensure all of your site traffic is secure, once your new domain is in place along with your TLS/SSL certificate, all traffic will be redirected to HTTPS.