Docs SSL

HTTPS is a modern encryption protocol that creates a secure connection between your browser and the sites you visit. Our goal is to provide HTTPS (SSL) connections by default for all Docs sites. 

In this article

About SSL

SSL connections add an extra layer of browsing security, letting visitors know that data passed through your website is encrypted and unreadable by third-parties. Additionally, SSL connections prove authenticity, letting visitors know that they’re actually viewing your website, rather than a spoofed(fake) domain. 
Your browser indicates a secure connection with a green padlock icon, or text that reads“secure” in the address bar. Secure URLs always start with https://. For example, when using a custom CNAME, your secure Docs URL will look something like this: https://docs.helpscout.net

About the Certificate 

Docs SSL certificates are free, 90-day, Domain Validated certificates issued by Let’s Encrypt
Let’s Encrypt allows organizations like Help Scout to obtain and manage SSL certificates on behalf of their customers. It’s important to note that Let’s Encrypt only offers Domain Validated(DV) certificates. Using Let’s Encrypt, we’re unable to provide Organization Validation(OV) or Extended Validation(EV) certificates. 

Certificate Renewals

Certificate renewals are triggered daily. Certificates due to expire within the next 30 days will automatically renew with a fresh 90-day certificate. There’s nothing you need to do to renew your certificate, and there is no impact to your Docs site when certificates are renewed. 

Release Progressions

Over the next few weeks, we’re rolling out SSL support for Docs sites in a few distinct stages. There are two dates to keep in mind: 
  • January 8, 2018: As new certificates are issued, your site(s) will magically start working under HTTP or HTTPS. Either one works.
  • February 15, 2018 : All HTTP connections will be redirected automatically to HTTPS. 

Stage 1: Enable HTTPS

Valid Docs CNAMEs will automatically receive an SSL certificate from Let’s Encrypt. You’ll see the green padlock and secure URL in your browser’s address bar when visiting your Docs site. 

Stage 2: Article Parsing

During this stage, we’ll auto-convert any embedded article links to respect the route the visitor takes when accessing your Docs site. For example, when accessing a Docs site using an HTTP link, the browsing session will remain in HTTP.  When accessing a Docs site using HTTPS, the session will remain in HTTPS. 

Stage 3: HTTPS by Default 

Once deployed, incoming HTTP connections will automatically change to HTTPS connections. This will happen on February 15, 2018. 

Next Steps

Docs sites that contain non-HTTPS resources, such as Javascript, CSS, externally imbedded images, should be updated to use HTTPS. Once HTTPS is on by default, non-HTTPS resources will cause a mixed content browser warning when customers attempt to access the Docs site.
Note: Images uploaded through the Docs editor are HTTPS by default. Videos embedded from most popular video services (YouTube, Wistia, Vimeo) are also HTTPS by default. These assets do not need to be updated. 

SSL and Subdomains 

HTTPS connections are also supported for Docs subdomains (helpscoutdocs.com). If you're not using a CNAME, you can point customers to the HTTPS version of your Docs site URL. For example: https://subdomain.helpscoutdocs.com. 

Common Questions

What happens if our CNAME is updated?  
CNAME updates will automatically trigger a new SSL certificate for the new CNAME. 
What if I'm using Cloudflare to provide SSL already? 
You can continue to use a Cloudflare proxy if you'd like. If you'd rather have us handle the certificate, send us an email and we'll get you sorted. 

Still stuck? How can we help? How can we help?