Overview
Secure connections to your CIMcloud website are provided via an industry-standard TLS Certificate (also referred to as an “SSL certificate”), which encrypt communication between people’s web browsers and the website.
You can confirm the connection is secure if the url starts with “https://” and your web browser displays a lock icon in the address bar.
Certificate Setup and Management
The TLS certificate is included as part of your CIMcloud website and is provisioned, renewed, and managed by the CIMcloud platform. You do not need to purchase or manage the certificate while CIMcloud is hosting the website.
However, if you are using CAA DNS records follow the steps in the following section.
Certification Authority Authorization (CAA) DNS Records (Optional Setup)
CAA records can be added to your custom domain’s DNS to restrict which certificate authorities can be used to generate TLS Certificates for your domain. This is not required for the CIMcloud platform, however it can be enabled for additional security of your domain.
If you choose to add CAA records to your domain they must allow certificates to be issued by “letsencrypt.com”. Otherwise CIMcloud cannot provision or renewal certificates for your CIMcloud website. You should follow these steps if using CAA records:
- You will need to access the DNS hosting provider for the website’s custom domain
- In DNS for the website domain, edit the CAA record and add letsencrypt.org to allow the issuance of non-wildcard certificates.
- Note: Your DNS provider can provide specific instructions for doing this if you are unsure of the steps required.
- To test the CAA changes, go to https://caatest.co.uk/, enter your website domain, and verify that [issue “letsencrypt.com”] is listed