This week Chrome is releasing an update that will show “Not Secure” on any site that uses HTTP. This is part of an ongoing strategy to create a more secure web. To assist with this change, we have added free automatic SSL certificates on all CloudCannon connected domains. This draws our SSL private beta to a close making it available for all CloudCannon users.

How it works

Once you add a domain name to CloudCannon we will attempt to generate an SSL certificate. We use Let’s Encrypt to author the certificate and plug them into our existing SSL system. Let’s Encrypt authorises us to do this by doing a request to that domain name. If the response matches what Let’s Encrypt expected, your certificate will be granted. This means that as soon as your DNS propagates to show your site, it will be protected with HTTPS.

HTTP will default to redirect to HTTPS for all CloudCannon sites. This can be configured using the Site Settings. Automatic generation can also be disabled which will enable a custom certificate upload option. If you have any issues, see the documentation or contact support.

What else is new

Over the last month we have added four other features:

  1. Post form hooks to enable custom form workflows. This is useful for connecting systems like Zapier or IFTTT.
  2. Enable embeds within your editor experience. This allows your editors to add any custom HTML including Youtube, Vimeo or Twitter.
  3. Improved on-boarding flow. This cuts down the number of options when creating a site to keep it focused. We hope to improve this by automatically detecting more environment requirements.
  4. A new dashboard for developers. This displays a site’s most important information including syncing and build state. We will add more to this as we learn more about common errors.

Our main goals for the next couple months is to improve editor UX and the performance of our entire platform. Thanks for the ongoing feedback and support.