- Manage SSLs
- AmeriCommerce Auto SSL
- Shared (free) SSL
- EV or OV SSL
- Third Party SSL
- SSL Expirations
SSL Certificates serve three primary functions:
- Secure private information between the web servers and the customers as they browse the site by using encryption.
- Secure the administration console so sensitive passwords, credit card numbers, and customer data cannot be intercepted.
- Provide a Secure Seal on the site that shows your customers that you protect their data and that you are a legitimate company.
Once you're logged into the Admin Console of your site, click on the user icon at the top right and select "Manage Account". Or alternatively, **Settings > Store Information > Domain Control. From here you'll be taken to the domain control page where you can manage SSLs for your site(s).
Once you select change you will see the following selections:
AmeriCommerce Auto SSL
The AmeriCommerce Automated SSL is a new feature that we are proud to offer from our partnership with Cloudflare. Our Automated SSL feature offers all of our customers a Domain Validated SSL certificate for their custom domain name for a fraction of the price of a standard SSL certificate, while also preventing expiration and renewal problems. Instead of an annual expiration date like other certificates, you can opt-in for this to be added to your monthly plan and never have to worry about renewing or expiration dates.
Shared SSL (Free)
By default, AmeriCommerce is installed using our Shared SSL certificate. This is a free service we offer to make sure your site is secure from the beginning. The downside to this is when a customer visits a secure link during checkout, they will be transferred seamlessly to "yourstorename.americommerce.com", and back again once they leave the secured area. Also you cannot use a Secure Site Seal with this method. When people click on the SSL logo on their browser, they will see AmeriCommerce as the company owning the certificate. There is nothing additional that you need to do to configure this option because we maintain the SSL.
EV or OV SSL
EV and OV SSLs can be purchased on the SSL management section of the domain control page in the admin console. If you are curious about the difference:
- OV - Organization validated SSL Certificates provide a stronger level of security because the Certificate Authority verifies domain ownership plus includes authentication of the organization behind the domain.
- EV - Extended validated SSL Certificates provide an even stronger level of security because the Certificate Authority verifies domain ownership and requires a more extensive verification of the organization behind the domain.
All SSL certificates we sell utilize the same 2048 bit key length industry standard. Check with the individual Certificate Authority for detailed information on each certificate listed.
Third Party SSL
Have your own SSL Certificate and want to have it applied to your AmeriCommerce site? Choose the 3rd party SSL installation service. We will then guide you thru the process to have your certificate issued for use with your site. Note: After July 2018, all SSLs must use SHA2 and TLS1.2. Also be advised that 3rd Party installs start with re-keying the SSL. Once the 3rd Party SSL has been re-keyed, and an installation purchased, the installation process can proceed.
If you are using the AmeriCommerce Auto SSL, you don't have to worry about your SSL expiring. However, if you have an EV or OV SSL that you've been alerted is expiring soon, place an order for a new one in the SSL management area of the domain control page. Once your order is placed, our IT team will respond to you via support ticket (email) as soon as possible for installation.
PRO-TIP: There are many tools only that you can use to check the expiration date of your SSL, for example: https://www.sslchecker.com/sslchecker.
AmeriCommerce treats SSL's as expired on 1st of the month of the month in which it is set to expire.
For example, if your SSL expires on the October 3rd - AmeriCommerce treats this as an expiration on October 1st. If your SSL expires on October 31st - AmeriCommerce treats this as an expiration on October 1st.
The reason for this: AmeriCommerce performs PCI security scans on or around the 14th of every month. In order for our platform to ensure proper e-commerce compliance, we must ensure all SSL's are valid and unexpired.
We highly recommend for our clients to renew their SSL's as soon as they receive notification of an upcoming expiration. We send email notices 90 days prior to an SSL expiration to give enough time for you to properly prepare for renewal. If you don't want to deal with renewal dates, you can always sign up for the AmeriCommerce Auto SSL.
What happens if I don't renew my SSL by the 1st, or by the time a scan is performed? Your website will automatically be placed on AmeriCommerce's Shared SSL (Free) until a renewed SSL is installed. This means your website will no longer have a secured homepage. You will still be able to accept payments and operate your online store as usual. Upon a renewed SSL installation, your website will once again be secured across your entire domain.
Preventative Measures: The best way to avoid being automatically switched to the Shared SSL is to renew your certificate as soon as possible once you receive notification. You can renew your SSL at any time in the SSL management area of the domain control page OR you can sign up for the AmeriCommerce Auto SSL and no longer worry about expiration dates.