This article reviews various considerations to take into account when accessing your site over SSL (Secure Sockets Layer). Features such as F1 contextual help and Salesforce and Zendesk integrations require a connection over HTTPS.
The most common SSL covers a single domain such as "www.domain.com".
Subject Alternate Name (SAN) SSL certificates can contain several domains such as "www.domain.com" and "help.domain.com". SAN certificates are not the same as Wildcard SSL certificates; Wildcards cover all subdomains (e.g. *.domain.com).
Note: Within MindTouch, a SAN SSL certificate is required for configuring HTTPS connections to a custom domain.
Before purchasing an SSL for your custom domain, there a few considerations to take into account. Depending on the MindTouch features you'll be using with your custom domain, you may need to obtain a specific SSL certificate. A shared SSL is included for all MindTouch.Us domains: https://*.mindtouch.us
Configuring an SSL with a Custom Domain
When configuring your MindTouch site with a custom domain (e.g., "help.domain.com") as well as an SSL for your custom domain, the complimentary https://*.mindtouch.us domain will no longer redirect to your custom domain. If your site is utilizing a custom domain without an SSL, then the complimentary https://*.mindtouch.us domain will redirect accordingly.
MindTouch requires that SSL certificates be SHA-256 compatible. Please be sure your SSL is created with this encryption level support.
SSL providers often times request what type of web server the SSL will need to be generated for; in these instances choose an option for Apache.
If your site is using a custom domain then you will need to configure an SSL for your custom domain and reference your custom domain over HTTPS.
SSL Required? Yes
Required SSL Type: Subject Alternate Name (SAN) (for custom domains)
F1 Contextual Help
MindTouch.us Domain and F1
F1 Contextual Help within a *.mindtouch.us domain cannot be loaded if a site is Private and/or if you are targeting a page which requires authentication. When logged into a MindTouch site utilizing the mindtouch.us domain, users are redirected to HTTPS. The SSL included with the mindtouch.us domain is incompatible with F1 Contextual Help.
If you require your site to be private or you're trying to access a page which requires authentication, you will need to configure a custom domain.
Custom Domain and F1
F1 Contextual Help within a custom domain can be successfully loaded if the site is public and/or if you are targeting a page which does not require authentication.
If you require F1 Contextual Help to be loaded over a custom domain for a site that is private and/or if you are targeting a page which requires authentication, a Subject Alternate Name (SAN) SSL certificate is required. This type of certificate is required as information from your site will be served from both your main domain (e.g. "help.example.com") and your F1 domain (e.g. "f1.help.example.com").