How to Install an SSL Certificate

How to install an SSL Certificate to your application, enable auto-https, and enable HSTS

Modern ecommerce sites require encrypted connections in order to remain PCI complaint and to allow the site to accept credit card data. Encryption ensures your customers’ credit card details are securely transmitted and cannot be intercepted by bad actors on the internet. To encrypt connections for your website, you must install an SSL (TLS) certificate. Webscale allows you to install/upload an SSL you already own, or you can use the Auto HTTPS feature to have a Let’s Encrypt SSL certificate installed and maintained automatically for your site. Lastly, to ensure full encryption and compliance you can enable HSTS (HTTP Strict Transport Security) for your applications.

Install an SSL you already own

If you already own an SSL certificate and want to use it with Webscale, you can install it in the Webscale Control Panel.

HTTPS Settings
1. Click HTTPS on the menu to the left. Then, click the Add a certificate button.
Add SSL dialog
2. The box that opens up shows the current SSL sections (SSL/TLS Key, Certificate, and Intermediate Certificate) along with boxes to the right where you can paste the contents of your SSL certificate file. Paste the appropriate sections in the matching boxes, and click the Save Changes button. When your SSL expires or otherwise needs to be replaced, repeat these steps.

Configure Auto HTTPS

If you don’t already own an SSL certificate or just want to leverage the Auto HTTPS feature, a free Let’s Encrypt SSL certificate will be created for each domain added to your application. Let’s Encrypt SSLs expire after 90 days, but the Webscale Auto HTTPS feature will automatically renew each SSL and keep it updated. Webscale will request the Let’s Encrypt SSLs on your behalf, and will create the challenge files necessary for any SSLs to be created. Once the challenge files have been confirmed, the SSLs will be installed.

HTTPS Settings
1. Click HTTPS on the menu to the left. Then, click the toggle to the right of Auto HTTPS. This starts the certificate request and installation task.
Users List
2. To view the status of the SSL request, click on the Tasks icon on the upper right - which will now show rotating circular arrows instead of the standard clock.
Users List
3. On the task viewer page, a list of current and recent tasks is shown. Click on the Obtain certificate task to get information on the status of the task, as well has information on the certificate order and the HTTPS and DNS challenges. Note that the task will expire, so if Let’s Encrypt cannot verify the challenges within the expiration time period listed, a new request must be made. Please contact support if you need assistance here, or have more questions.

Enable HSTS

Per Wikipedia:

HTTP Strict Transport Security (HSTS) is a web security policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should automatically interact with it using only HTTPS connections, which provide Transport Layer Security (TLS/SSL), unlike the insecure HTTP used alone.

When you enable HSTS, you increase the security of your application for your customers and you both. To enable HSTS, click HTTPS on the menu to the left and then click the HSTS toggle.

Further Reading

Have questions not answered here? Please Contact Support to get more help.

Last modified September 10, 2020