This is done by installing (enabling) or removing (disabling) You can choose which of them will be visible in the SSL It! interface for SSL It! makes it possible to order SSL/TLS certificates from a variety of vendors. Customizing the list of SSL/TLS certificates offered by SSL It! If you secured your website with a valid SSL/TLS certificate from a trusted CA,Īnd you turned on all security-enhancing features provided by SSL It!, Wait until the test is finished to receive your grade. The Qualys SSL Labs website will be opened in a new tab and the test will be automatically started. Go to Websites & Domains > your domain > SSL/TLS Certificates.To evaluate the SSL security of your website: Get A+, the highest possible score (after hardening SSL protection if necessary).Check how good the SSL protection of your website is.In the SSL It! extension, you can run one of the most popular testing service, Popular search engines (for example, Google) rank websites with better SSL protection higher. Automatic sync of TLS versions and ciphers by Mozilla is currently not supported.Įvaluating the SSL security of your website.To check if your certificate supports OCSP stapling, run the SSL Labs test on your SSL configuration. (for example, free certificates from DigiCert) if the complete trust chain is not in place. OCSP stapling may not work for SSL/TLS certificates from certain vendors.If your websites are served by Apache only, you do not need to turn on “OCSP Stapling”. OCSP stapling works only for websites served by nginx with Apache or solely nginx.To stay current, click Sync now once every few months.Keep Intermediate (recommended), and then click Enable & Sync.Under TLS versions and ciphers by Mozilla, turn on the toggle.Go to Extensions > the My Extensions tab > click Open next to SSL It!.TLS versions and ciphers by Mozilla harden connections secured with SSL/TLS certificates.(can be good, revoked, or unknown) from the CA instead of the visitor’s browser. OSCP makes the web server request the status of the website’s certificate.HSTS prohibits web browsers from accessing the website via insecure HTTP connections.SEO-safe 301 redirect from the insecure HTTP to the secure HTTPS version Redirect from http to https sets up a permanent,.Harden the security of all server’s encrypted connectionsĮnabling these features can improve your websites’ search engine rankings:.Enhance the security of your website’s visitors.HSTS, and much more) that can do the following: SSL is a complex technology, which has a number of features (key encryption algorithm, secure ciphers, Is not enough to get all-round protection. Merely securing a website with a valid SSL/TLS certificate from a trusted CA Click Unassign Certificate, and then click OK.Įnhancing security of your websites and encrypted server connections.Your domain whose SSL/TLS certificate you want to unassign > It usually happens no later than one hourĪfter the SSL/TLS certificate expires. Now when your paid SSL/TLS certificate expires, SSL It! automatically issuesĪ free SSL/TLS certificate from Let’s Encrypt to secure domains, subdomains, domain aliases,Īnd webmail belonging to the subscription. That is going to expire > SSL/TLS Certificates.
0 Comments
Leave a Reply. |