Search through more than a hundred articles on every aspect of User.com

Maciej Rzadkowski
Written by Maciej Rzadkowski

Adding SSL certificate to knowledge base

Set up an SSL certificate on Cloudflare


Introduction

After you set up a custom domain, your knowledge base will be hosted on your domain, but in HTTP rather than HTTPS. Your knowledge base will now appear as ‘not secure’ on web browsers like Chrome. In this article, you will learn how to secure it.

What is SSL?

SSL, Secure Socket Layer, (or TLS - Transport Layer Security) is the most often used protocol to secure the connection between your server and your browser. It ensures the connection between the server and browser is encrypted and safe and that it appears as HTTPS.

Here’s what an SSL-configured website (with HTTPS) typically looks like on the Chrome browser:

This is what it looks like when it is not secured by SSL (without HTTPS):

You can configure SSL for your custom domain to keep sensitive information encrypted. If you want to do this, make sure you’ve set up your CNAME with a DNS provider that supports SSL, like Cloudflare.

How to configure SSL with Cloudflare

Add SSL support to your domain

Go to the section, "Crypto", and change SSL to "Flexible" or "Full".

Note: Don’t choose "Full (Strict)" as this will result in an invalid SSL certificate.

Full ensures a secure connection between both the user and your Cloudflare domain and between Cloudflare and your web server.

Create a page rule enforcing HTTPS

Go to "Page Rules" and create a new page rule with the following settings, replacing help.exampleapp.com with your own custom domain.

Disable Cloudflare page speed features

Go to "Speed" and disable Rocket Loader and Mirage for your custom knowledge base domain. Why? Both of these features result in Cloudflare attempting to add some JavaScript to your knowledge base. However, this will break the functionality on your knowledge base due to security settings your knowledge base has enabled.

Categories: