SSL Certificates Guide: Understanding and Managing Website Security Settings
SSL Certificates: A Comprehensive Guide
SSL certificates automatically protect all correctly specified Squarespace domains, enhancing security by preventing impersonation and data theft. This protection extends to Squarespace domains, connected third-party domains, subdomains, and built-in domains.
Eligibility Requirements:
- Domain name must be 63 characters or fewer
- Domain must be properly connected
- DNS records must be correctly configured
Checking SSL Certificate Status:
- View domain dashboard for "Issued" status
- Check SSL panel for "Active" status
- Access site to verify certificate
SSL Settings Options:
Secure (Recommended)
- Automatically redirects to HTTPS
- Includes HTTPS links in sitemap
- SEO-friendly
- Requires SSL-supporting browsers
HSTS Protection
- Recommended with Secure setting
- Encrypts connection
- Prevents site impersonation
- Eliminates "connection not private" warnings
Insecure
- Allows both HTTP and HTTPS access
- Contains HTTP links in sitemap
- May affect site security
Yellow arrow pointing to the lock
Technical Specifications:
- Uses Let's Encrypt DV certificates
- 2048-bit SSL encryption
- TLS version 1.2
- 90-day certificate renewal
- No HPKP support
- No CSR required
Important Benefits:
- Enhanced visitor trust
- Protected personal information
- Improved site loading speed
- Better SEO performance
Checkout Security:
- Always SSL-protected
- Level 1 PCI compliant
- 128-bit SSL encryption
- Custom domain URL for Commerce plans
Custom Code Considerations:
- Mixed content warnings possible
- Must secure all integrations
- Code-based customizations need review
- Third-party customizations may require updates
Third-Party SSL:
- External SSL certificates not supported
- Must switch to Squarespace SSL
- Requires proper domain connection
- Temporary HTTPS disruption during transition
Remember: SSL certificates cannot be disabled, but you can choose between Secure and Insecure settings based on your needs. For troubleshooting certificate errors or SSL warnings, consult the SSL Troubleshooting guide.
Related Articles
How to Find and Structure Your RSS Feed URL in Squarespace
