This week Chrome is releasing an update that will show “Not Secure” on any site that uses HTTP. This is part of an ongoing strategy to create a more secure web. To assist with this change, we have added free automatic SSL certificates on all CloudCannon connected domains. This draws our SSL private beta to a close making it available for all CloudCannon users.
Once you add a domain name to CloudCannon we will attempt to generate an SSL certificate. We use Let’s Encrypt to author the certificate and plug them into our existing SSL system. Let’s Encrypt authorises us to do this by doing a request to that domain name. If the response matches what Let’s Encrypt expected, your certificate will be granted. This means that as soon as your DNS propagates to show your site, it will be protected with HTTPS.
HTTP will default to redirect to HTTPS for all CloudCannon sites. This can be configured using the Site Settings. Automatic generation can also be disabled which will enable a custom certificate upload option. If you have any issues, see the documentation or contact support.
Over the last month we have added four other features:
Our main goals for the next couple months is to improve editor UX and the performance of our entire platform. Thanks for the ongoing feedback and support.