SSL

Sensitive data transmitted to and from your Moovweb project should be secured with SSL. SSL (Secure Sockets Layer), also known as TLS (Transport Layer Security) is a cryptographic protocol to communicate security over the Internet. SSL provides end-to-end data encryption and data integrity for all web requests.

When users visit secure domains on their devices that are set up on the Moovweb Cloud, an SSL certificate is needed. SSL certificates should be provisioned for all secure data that may pass through Moovweb.


Outline


SSL on Moovweb Overview

The Moovweb Control Center allows system administrators to manage SSL certificates used by projects that deliver endpoint experiences for domains that make use of HTTPs. System administrators can find the following features built for SSL management:

Setting up SSL certificates in Moovweb

To begin, access the Control Center’s domain and SSL configuration page under the project settings. In the domains section you can see all the domains that are transformed by Moovweb. You can configure SSL certificates for each or all domains associated with this project.

Go to the SSL certificate wizard by clicking the Configure button the appears next to list of domains:

SSL Configure

If the “Configure” button is not displayed, your project needs to be enabled for production. Please submit a ticket at http://help.moovweb.com to request this change.

Next, follow the steps outlined in the Control Center’s SSL Wizard. First select the domains that are secured by the SSL certificate. If you are building projects that use separate domains you can also select them as long as your account has access to these projects

SSL Steps

Next, you will need to generate a Certificate Signing Request (CSR). Once you have entered your company information, the CSR will appear on the next page:

Company Info

The next step is performed by a third party. You will need to create an SSL Key and Certificate and upload them back into our system in order to complete the process.

During project development that requires testing on the Moovweb cloud, organizations could use self-signed certificates to run end-to-end testing. You may use a self-signed certificate for staging environments but be sure to install a valid production certificate when going live.

CSR generated

You need to generate an SSL certificate in X.509 format at a minimum level of EV. There are a number of places you can get an SSL certificate, including:

Once you have a certificate, you can upload it to Moovweb in the Control Center.

After uploading the certificates you need to confirm that all the information is accurate. Moovweb will then provision the certificate and present you with the current status of certificates throughout the process.

Understanding SSL Certificate Status in Moovweb

The Moovweb Control Center provides various status for SSL certificates that aims to give system administrators information on the certificates for verification, reference or, re utilization purposes together with actions associated with the status of the certificate.

The following are the status and actions of SSL certificates in the Moovweb Control Center:

SSL Status

Status Action Description
Configure No existing certificate has been uploaded to the system, start the SSL Certificate wizard
In progress Continue The certificate is being provisioned to the Moovweb cloud. The continue action lets you access the step in the SSL certificate provisioning where pending actions may be needed to complete the process.
Completed Renew Once the certificate has been successfully provisioned into the system.

From the moment that a certificate is uploaded, the system will track the remaining number of days until the certificate expires using the following visual indications:
  • Expiring in xxx days: The certificate has more than 45 days until expiration.
  • Expiring in xxx days: The certificate is 45 or less days until expiration.
  • Expiring in xxx days: The certificate is 10 days until expiration.
Completed (Renewing) Continue The current certificate is getting renewed you can access the current active certificate’s information, and also access the step in the SSL certificate provisioning where pending actions might be needed to complete the process.

Setting up SSL Certificate Notifications

Every organization in the Moovweb Control Center can add a technical contact which is automatically registered to receive notifications related to SSL certificate status or that can be contacted by the Moovweb team in case where direct communication is needed to troubleshoot issues that might affect production sites.

To change the technical contact information go to the organization’s membership page (click the gear icon next to the Current Account dropdown) and then select the ‘Add Technical Contact’.

Technical Contact Panel

The system will automatically generate the following notifications for the technical contact: