Implementing SSL

Our SaaS offering of CM1 provides the option to run SSL (HTTPS) on your S3-based websites in order to encrypt traffic in-transit between the client browser and the web server.

In order to implement this service you will need to provide our Customer Success team with the appropriate public key certificate, certificate chain, and private key (in RSA format and with no embedded password), which we will upload to the Amazon S3 bucket that your site is hosted on.

For Percussion SaaS clients, there are a few considerations to preparing your domain for the switch-over.

Clients will need to provide our tech support staff with the four (4) files in total:

  • The completed SSL Certificate file

  • The private key file

  • Certificate signing request (CSR)

  • Certificate Root Chain

The certificate needs to be in .pem format.

Percussion's SaaS platform is powered by Amazon Web Services, so if your SSL certificate provider offers options for what type of certificate to download, do not select "Apache" or "IIS". If an option is offered, select "Other".

Also, Amazon does not work with certificates that have passwords assigned to them, so be sure to omit a password on your SSL certificate.

Percussion strongly suggests the use of wildcard certificates so that various hostnames may be used at your discretion without causing certificate errors.

Further, wildcard certificates are mandatory if you would like to implement HTTPS and will be using DNS "@" or wildcard hostnames, as discussed in the DNS section.

Requesting an SSL certificate and setting it up successfully can be a complex process, so please contact Customer Success for further information or to coordinate the implementation of SSL for your website.