Skip to main content

 

MindTouch Success Center

Understand accessing your site over SSL (TCS)


This article reviews various considerations to take into account when accessing your site over SSL (Secure Sockets Layer). Features such as F1 contextual help and Salesforce and Zendesk integrations require a connection over HTTPS.

 

SSL Types

The most common SSL covers a single domain such as "www.domain.com".

Subject Alternate Name (SAN) SSL certificates can contain several domains such as "www.domain.com" and "help.domain.com". SAN certificates are not the same as Wildcard SSL certificates; Wildcards cover all subdomains (e.g. *.domain.com).

Note: Within MindTouch, a SAN SSL certificate is required for configuring HTTPS connections to a custom domain.
 

SSL Considerations

Before purchasing an SSL for your custom domain, there a few considerations to take into account. Depending on the MindTouch features you'll be using with your custom domain, you may need to obtain a specific SSL certificate. A shared SSL is included for all MindTouch.Us domains:  https://*.mindtouch.us

Configuring an SSL with a Custom Domain

When configuring your MindTouch site with a custom domain (e.g., "help.domain.com") as well as an SSL for your custom domain, the complimentary https://*.mindtouch.us domain will no longer redirect to your custom domain. If your site is utilizing a custom domain without an SSL, then the complimentary https://*.mindtouch.us domain​ will redirect accordingly.

Encryption

MindTouch requires that SSL certificates be SHA-256 compatible. Please be sure your SSL is created with this encryption level support.

Server Type

SSL providers often times request what type of web server the SSL will need to be generated for; in these instances choose an option for Apache.

Integrations

SSL connections are required for Salesforce and Zendesk integrations. If your site is not utilizing a custom domain you can reference the shared SSL available for https://*.mindtouch.us.

If your site is using a custom domain then you will need to configure an SSL for your custom domain and reference your custom domain over HTTPS.


SSL Required?  Yes

Required SSL Type:  Subject Alternate Name (SAN) (for custom domains)


F1 Contextual Help

MindTouch.us Domain and F1

F1 Contextual Help within a *.mindtouch.us domain cannot be loaded if a site is Private and/or if you are targeting a page which requires authentication. When logged into a MindTouch site utilizing the mindtouch.us domain, users are redirected to HTTPS. The SSL included with the mindtouch.us domain is incompatible with F1 Contextual Help.​

If you require your site to be private or you're trying to access a page which requires authentication, you will need to configure a custom domain.

Custom Domain and F1

F1 Contextual Help within a custom domain can be successfully loaded if the site is public and/or if you are targeting a page which does not require authentication.

If you require F1 Contextual Help to be loaded over a custom domain for a site that is private and/or if you are targeting a page which requires authentication, a Subject Alternate Name (SAN) SSL certificate is required. This type of certificate is required as information from your site will be served from both your main domain (e.g. "help.example.com") and your F1 domain (e.g. "f1.help.example.com").

F1 Best Practices

For best practices, when invoking F1 contextual help we recommend the following two configurations for your site:


SSL Required?  Recommended

Required SSL Type:  Subject Alternate Name (SAN) (for custom domains)
 

 

  • Was this article helpful?