You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
Home > SmartCMS - C/MZ > SSL FAQs
SSL FAQs
print icon

SSL (Secure Socket Layer), commonly known as HTTPS, is a communication method for the internet that protects website visitors’ information from being stolen or modified while it is being sent from their computer to a website. This is done by verifying the server's identity and encrypting the data.

 

This is available for all customer websites - both SmartCMS sites and non-SCMS sites.

 

SSL gives consumers confidence that sensitive information like their credit card numbers will not be intercepted. Having an SSL certificate for your domain also has benefits in relation to search engine optimization and general consumer trust. In addition, in January 2017 Google released Chrome version 56 which alerts users when they are on webpages that collect either credit card numbers or passwords that are not served over SSL. Eventually, Google will have a strong warning for all webpages not using the HTTPS protocol.

 

Contact [email protected] so that we can provide helpful, personalized direction in this process. Your solution is determined by which website host and which Content Management System (CMS) you have.

 

SmartCMS Customers:

  • SSL certificate installed by GrowthZone that covers your entire domain
  • Domain-level Validation
  • No additional SSL certificate necessary (in most cases)


All other customers:

  • SSL certificate will be installed that covers your subdomain (i.e. members.yourdomain.com or business.yourdomain.com)
  • Domain-level Validation
  • An additional SSL certificate must be obtained for your main domain
  • Recommend contacting your website host for info/cost of securing your main domain

 

With GrowthZone, Customer Service providing the installation, setup, and maintenance of your sub-domain SSL certificate, an understanding of the following information is not required but could be helpful overall.

 

Validation levels: The level of validation offered with SSL certificates (Domain, Organization, and Extended validation) is not critical to our configuration. The solution provided by GrowthZone will provide Domain Validation. Organization or Extended Validation provide additional information about who owns the domain, often desired by larger corporations or business in the security industry. All validation levels provide the same level of security.

 

  • DV (Domain Validated) where the Certificate Authority (CA) checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal.
  • OV (Organization Validation) is where the CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility into who is behind the site and associated enhanced trust.
  • EV (Extended Validation) is where the Certificate Authority (CA) checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organization. The issuance process of EV SSL Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007, which specify all the steps required for a CA before issuing a certificate.

 

Before enabling SSL access to your site, URLs and all references on the website will need mapping from HTTP to HTTPS, which includes all internal website links, images, JavaScript, CSS, and other elements. Readiness varies on each site but is likely understood by your webmaster.

 

Also note, if your website has any widgets that were generated using the Internet Settings Control Panel (ISCP), they will need to be re-generated and updated on your website prior to enabling SSL.

 

Noteworthy Information

  • The implementation of SSL on our servers uses a technology called Server Name Identification (SNI) which is not supported by older web browsers such as Internet Explorer version 7 and older, or for any users of IE that have the Windows XP operating system.
  • SSL is designed to protect only info in transit, not to be confused with protection for the server where the website is hosted.
  • Particularly sensitive information such as credit card information being sent from your website to our server is already secured on the ChamberMaster / MemberZone servers. Having an SSL certificate for your domain will secure ALL information (not just the sensitive information) while it is being sent to our server.
Feedback
0 out of 0 found this helpful

close button
scroll to top icon