This article reviews various considerations to take into account when accessing your site over SSL (Secure Sockets Layer). All MindTouch sites requires an SSL certificate.
The most common SSL covers a single domain such as
Subject Alternate Name (SAN) SSL certificates can contain several domains such as
help.domain.com. SAN certificates are not the same as Wildcard SSL certificates; Wildcards cover all subdomains (e.g.
If you are using the F1 Contextual Help implementation, a specific Subject Alternate Name (SAN) SSL certificate is required.
Configuring an SSL with a custom domain
When configuring your MindTouch site with a custom domain (e.g.
help.domain.com) and an SSL for your custom domain, the complimentary
https://*.mindtouch.us domain will no longer redirect to your custom domain. If your site is utilizing a custom domain without an SSL, then the complimentary
https://*.mindtouch.us domain will redirect accordingly.
MindTouch requires that SSL certificates be SHA-256 compatible. Please be sure your SSL is created with this encryption level support.
SSL providers often request what type of web server the SSL will need to be generated for; in these instances choose an option for Apache.
Forcing all traffic to HTTPS
To ensure all of your site traffic is secure, once your new domain is in place along with your SSL, note that all traffic will be forced to HTTPS.