Khoros Community

HTTPS encryption migration guide + FAQ

HTTPS encryption migration guide + FAQ

In 2018 Lithium is moving all customer sites to SSL encryption (HTTPS) to safeguard customer data.  HTTPS encrypts all data passed between the end user and your community.  Lithium is ready to work with you to enable, test, and deploy a SSL certificate, to bring your community to full HTTPS delivery. We will also be sending out email notifications to our customers over the next month and a half as a reminder on this. 

 

These changes will result in:

 

  • all pages/resources will be served over HTTPS in production
  • all pages/resources will be served over HTTPS in stage
  • requests for pages/resources/apis over HTTP will be redirected to their HTTPS equivalents

Note that the steps below follow Lithium Standard SSL deployment. Access to Standard SSL deployment is included with existing customer licenses (is free).

 

To get started, we ask that you follow the following steps.

 

  1. Open a support ticket: Please open a support ticket via the case portal so that the support team can begin the process. If you have a technical resource on your side who can assist, please be sure to include them on the CC list when creating the case.
  2. Certificate Procurement or Updates: If your community is not utilizing any form of SSL, Lithium Support will add your domain to the Lithium SAN SSL Certificate and prepare your community for HTTPS migration. If you already have SSL enabled but in partial mode, you’ll be transitioned over to full-site SSL.
  3. Studio Review (Plugin Layer): Lithium Support will review your plugin and attempt to convert any hard-coded community HTTP paths to either use a relative path or HTTPS. More complicated asset updates will be flagged and communicated to your technical contact or may need a services engagement.
  4. Community Admin Updates: While Support will handle the plugin transition, you will need to handle any hard-coded paths contained within the Community admin panel. This includes the announcement sections and custom content modules. If you had customization work done through  Lithium Professional Services, you may have a Settings List Editor section in your admin that will also need to be updated if it contains any fields created for URL’s.
  5. Review on Staging: Once the plugin updates are completed and the certificate procured/updated, you will need to test and review your staging instance. If there’s any problems, please inform support. If there are no problems, we’ll then move on to scheduling the changes for production:
  6. Schedule your Production Deployment: Support will coordinate with you a production HTTPS deployment during a normal maintenance period.

 

FAQ - Frequently Asked Questions

Why is Lithium switching to HTTPS now?

Major browser and search vendors are making changes to flag pages that are delivered over HTTP as 'not secure' after July 2018.  Obviously, this kind of message is not one you want associated with your brand.  HTTPS is also a factor in search engine ranking. It's presumed that search vendors  will add additional weight to HTTPS in their ranking formula this year.

 

What if part of my community is delivered over HTTPS already?

For customers using "mixed mode", Lithium will work with you to enable full site HTTPS using the existing SSL certificate. The steps required on your part are identical for customers using mixed mode.

 

Can I wait?

Not for much longer. Lithium is phasing out support for HTTP communities after 18.7, following best practices and maintaining our commitment to securing customer data.

 

Can I generate my own certificate?

Contact support or your account team for alternative SSL certificate scenarios. Note that alternative scenarios generally carry a charge and require an engagement (SOW). We typically advise against this direction. 

 

What about external domains?

Anything hosted on the community will support HTTPS. However, any references to external domains will require that those domains be under SSL. If you’re using an external asset and the domain does not support HTTPS, we recommend that you upload the asset to your community via studio then update the reference code/URL.

 

What is a SAN SSL certificate?

See the What is the SAN SSL certificate? Article.

 

What are the benefits of using SSL (HTTPS encryption)?

See the Full HTTPS Encryption for all Communities article.

Thank you for your time and we look forward to working with you to migrate you to HTTPS!

Labels (2)
Version history
Revision #:
3 of 3
Last update:
a week ago
Updated by: