HTTPS / SSL
At makandra we can provide different solutions for HTTPS/SSL.
Let's Encrypt is a certificate authority that launched on April 12, 2016 that provides free X.509 certificates for Transport Layer Security (TLS) encryption via an automated process designed to eliminate the current complex process of manual creation, validation, signing, installation, and renewal of certificates for secure websites.
- You can get certificates free of charge.
- You don't have to worry about verification mails, expiring or reissuing certificates.
- Everything is automated and monitored.
- If your application need to get accessed by very old clients like old Java Versions, the certificate is perhaps not usable for you (see ).
There is one caveat: When one of your domains with Let's Encrypt is deleted or does not longer point to our IP and that change has not been communicated to us, the automated renewal of the certificate will stop working and thus the certificate will expire for all your applications after 30 to 60 days and all browsers will show an SSL certificate error.
- If you need a special certificate (like a wildcard or EV certificate) or don't want to use Let's Encrypt we can buy and configure the certificate for you. Due to the complicated pricing model of ssl certificates please ask for a price list.
- For the verification you need to have access to one of these email address of your domain:
- You can also use an existing or self bought certificate.
- Please talk with us about how to send us your certificate key. Do not send us the key of your certificate through an unencrypted channel.
In the past we only allowed one certificate per IP becausesupport was not readily available. In the future we will automatically use multiple certificates per IP if needed. Please tell us if you are working with really old Software that does not support SNI (e.g. Java 1.6).