Skip to main content

Add SSL to your MindTouch site

Written by James Valent
Director of Support at MindTouch
This page applies to:MindTouch Responsive

This article explains the steps needed to add an SSL (Secure Sockets Layer) to your MindTouch site. An SSL allows users to access your site over HTTPS:// and provides a secure level of encryption. This article is most relevant for content managersdevelopers and site owners.

SSLs are required for all MindTouch sites. 


SSL considerations


Be sure to read about additional considerations for SSL implementation in MindTouch!

 

Instructions


The following three steps are required when implementing an SSL for a custom domain within your MindTouch site:

  1. Getting a Certificate Signing Request (CSR) from MindTouch
  2. Obtaining an SSL certificate
  3. Coordinating the domain name service (DNS) change
     

Get a certificate signing request from MindTouch


Before you can purchase a certificate, MindTouch needs to generate a Certificate Signing Request (CSR) so you can obtain a certificate that is guaranteed to work with our servers. To generate the CSR, provide MindTouch Support with the following information:

  • Country where your company is headquartered (e.g. "US")

  • Region (e.g. State, County, Province)  where your company is headquartered (e.g. "California")

  • Town or city where your company is headquartered (e.g. "San Diego")

  • Business or organization name (e.g. "ACME Corp.")

  • Department name (e.g. "Documentation Team")

  • Valid email address

  • Domain names to associate with MindTouch (e.g. "help.example.com", "f1.help.example.com")
     

Obtain an SSL certificate


Once you have obtained a CSR from MindTouch Support, you need to provide the request to an SSL vendor to purchase your SSL. There are many SSL vendors on the market that you can choose from. We recommend checking with your existing web hosting provider before using another third-party certificate authority.

Once you have purchased an SSL, provide the following items to MindTouch Support:

  • SSL certificate
  • Certificate Authority (CA) bundle or intermediary certificates 

Once the SSL certificate and associated files are in place, MindTouch Customer Success will coordinate the final steps to enable SSL on your site.

If you are using the older F1 Contextual Help implementation or GeniusLink for Salesforce Community Cloud, a specific Subject Alternate Name (SAN) SSL certificate is required. The contextual help Touchpoint requires an SSL, though any SSL type can be utilized.

 

Coordinate the domain name service change


Before your site starts using the SSL certificate, you will need to coordinate a domain name service (DNS) change with your web or network administrator. This DNS change requires a "CNAME record" be pointed to 'LB.mindtouch.us'; LB here stands for "load balancer".

In order to minimize downtime associated with the DNS change, please contact MindTouch Support to coordinate the change, as a corresponding change will need to be made by a MindTouch employee to finalize the process. Prior to this process, we recommend you work with your web or network administrator to lower your DNS TTL (time to live) value as low as your DNS host will allow. This will help minimize additional delays associated with the DNS change. After the DNS change, you can then increase your TTL value as needed.

To ensure all of your site traffic is secure, once your new domain is in place along with your SSL, note that all traffic will be forced to HTTPS.

 

Additional contextual help considerations


Be sure to read about additional considerations for SSL implementation in MindTouch!