9. SSL

Last updated 9 days ago

9. SSL

📖 Overview

The SSL module in ShieldsGuard allows you to manage SSL/TLS settings for your domain — ensuring that all data exchanged between users and your website is encrypted, secure, and standards-compliant.

This module helps you:

Enable HTTPS redirection
Upload and manage custom SSL certificates
View certificate status and key requirements

🛡️ SSL is the foundation of web trust and encryption. ShieldsGuard makes it easy to manage, enforce, and validate your certificates in one secure panel.

🔧 Key Features

🔁 HTTPS Redirection

Function: Automatically redirects all HTTP traffic to HTTPS for the selected domain.

Why It’s Important:

Ensures all sessions are encrypted
Prevents downgrade attacks
Boosts SEO rankings and browser trust

Status Toggle: When enabled, all requests to http://yourdomain.com are forcibly redirected to https://yourdomain.com.

📜 Use Your Own SSL Files

Function: Allows you to upload and use SSL certificates purchased or issued from a third-party Certificate Authority (e.g., DigiCert, Let's Encrypt, Sectigo).

When to Use:

You have your own commercial certificate
You use an internal CA for enterprise networks
You rotate certificates manually or via automation

Process:

Enable the toggle: Use your own SSL files
Provide:
- .cer file content (certificate)
- .key file content (private key)

📁 SSL Upload Fields

1. .cer for SSL

Paste the certificate body (PEM format)
Example begins with: -----BEGIN CERTIFICATE-----

2. .key for SSL

Paste the associated private key (PEM format)
Example begins with: -----BEGIN PRIVATE KEY-----

⚠️ Both the .cer and .key must match. Mismatched pairs will fail to bind and will leave the domain unsecured.

✅ ShieldsGuard SSL (Default)

If no custom certificate is provided, ShieldsGuard will apply a default secure SSL certificate from its managed CA.

Includes:

Valid TLS configuration
Strong ciphers
Browser compatibility
Domain validation

For most users, the default ShieldsGuard SSL is sufficient and actively maintained.

⚠️ Best Practices

Recommendation

Reason

Always enable HTTPS redirection

Enforce encryption for all users

Upload only trusted certificates

Avoid self-signed or test certs in production

Use 2048-bit keys or higher

Ensure strong cryptographic protection

Regularly monitor certificate expiry

Prevent service disruption due to expiration

Validate intermediate chains if needed

Some browsers require full trust chain

💡 Notes

Certificates must be in PEM format
Upload content manually or via API (if available)
Certificate status may take a few minutes to propagate
You can update certificates at any time without downtime

🎯 SSL isn't just a technical necessity — it's a trust signal. ShieldsGuard ensures that your encryption is always up to standard, whether you use built-in protection or bring your own certificate.

Previous8. DNS Next10. Subdomain Manage

Last updated 9 days ago

📖 Overview

This module helps you:

Enable HTTPS redirection
Upload and manage custom SSL certificates
View certificate status and key requirements

🛡️ SSL is the foundation of web trust and encryption. ShieldsGuard makes it easy to manage, enforce, and validate your certificates in one secure panel.

🔧 Key Features

🔁 HTTPS Redirection

Function: Automatically redirects all HTTP traffic to HTTPS for the selected domain.

Why It’s Important:

Ensures all sessions are encrypted
Prevents downgrade attacks
Boosts SEO rankings and browser trust

Status Toggle: When enabled, all requests to http://yourdomain.com are forcibly redirected to https://yourdomain.com.

📜 Use Your Own SSL Files

Function: Allows you to upload and use SSL certificates purchased or issued from a third-party Certificate Authority (e.g., DigiCert, Let's Encrypt, Sectigo).

When to Use:

You have your own commercial certificate
You use an internal CA for enterprise networks
You rotate certificates manually or via automation

Process:

Enable the toggle: Use your own SSL files
Provide:
- .cer file content (certificate)
- .key file content (private key)

📁 SSL Upload Fields

1. .cer for SSL

Paste the certificate body (PEM format)
Example begins with: -----BEGIN CERTIFICATE-----

2. .key for SSL

Paste the associated private key (PEM format)
Example begins with: -----BEGIN PRIVATE KEY-----

⚠️ Both the .cer and .key must match. Mismatched pairs will fail to bind and will leave the domain unsecured.

✅ ShieldsGuard SSL (Default)

If no custom certificate is provided, ShieldsGuard will apply a default secure SSL certificate from its managed CA.

Includes:

Valid TLS configuration
Strong ciphers
Browser compatibility
Domain validation

For most users, the default ShieldsGuard SSL is sufficient and actively maintained.

⚠️ Best Practices

Recommendation

Reason

Always enable HTTPS redirection

Enforce encryption for all users

Upload only trusted certificates

Avoid self-signed or test certs in production

Use 2048-bit keys or higher

Ensure strong cryptographic protection

Regularly monitor certificate expiry

Prevent service disruption due to expiration

Validate intermediate chains if needed

Some browsers require full trust chain

💡 Notes

Certificates must be in PEM format
Upload content manually or via API (if available)
Certificate status may take a few minutes to propagate
You can update certificates at any time without downtime

🎯 SSL isn't just a technical necessity — it's a trust signal. ShieldsGuard ensures that your encryption is always up to standard, whether you use built-in protection or bring your own certificate.