Status Pages with SSL

Every status page comes with SSL termination when using a subdomain at status.io. For example: https://yourname.status.io would be encrypted using the *.status.io wildcard certificate.

If you’d prefer to implement SSL using your own domain, you will have to prepare and upload your certificate. Optionally, you can use a dedicated certificate generated by Amazon.

Activating SSL

Option 1:  Dedicated Certificate from Amazon

Request your certificate from the SSL tab in the Status.io Dashboard.

After clicking the request button, a DNS record will be provided. Add this record to your DNS zone to complete the validation process.

The certificate will be automatically generated once the DNS record is validated. No further action is required.

Note: If you’re using Certificate Authority Authorization (CAA) records to specify the certificate authorities (CAs) that can issue certificates for your domain, add a CAA record to authorize amazon.com.

Option 2: Customer Provided Certificate

Upload your certificate from the SSL tab in the Status.io Dashboard.

Your SSL certificate and key pair must be in the PEM format to implement SSL with your status page.

The order of your certificate is important. Copy the PEM encoded text in the following order:

  • Certificate
  • Private key
  • Certificate chain (CA root and intermediate)

Certificate Requirements:

  1. The size of the public key in an SSL/TLS certificate cannot exceed 2048 bits. (This is not the number of characters in the public key.) You can determine the size of the public key by running the following OpenSSL command: openssl x509 -in path and filename of SSL/TLS certificate -text -noout
  2. The private key must match the public key that is in the certificate.
  3. The private key cannot be encrypted with a password.
  4. The private key also must be an RSA private key in PEM format.

Notes:

  1. HTTPS connections require a minimum TLS version 1.1.
  2. We use SNI for handling SSL connections to status pages. All modern operating systems and browsers support SNI.

Example Certificate

-----BEGIN CERTIFICATE-----
MIIGEzCCG/EgAwIAAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNV5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLv
xvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38
sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyAL
6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhY
LcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5
yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K
00u/I5sUKUErmgQfky3xxzlIPK1aEn8=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEatGAACLCAQEAvMTyNuLny8dHuzc2MaJkeMpF1tUW+gLZ9zJXlO0g7cDCrhY2
/c1gXO23bAIhH+DZZaQIoTuriIC9c36WLRVNoDzrTexDf2SUXxqYdSsQRPLHrfWV
fpekKdmU40BNWYzwea7+w7h8vdGF4Vddq25we5qywQvJtCaYQXQA/YXZqGKSmG/3
R0W1kNxGhNwMx96p3hKxl9k6i8RhxN/AlW5wMi322OvSRXtSEhqoyVx+3fkqc8Pk
6wNx0lJhAoGFXithnvretaLOp6RH+lvDj9qqJHp9HT3X73OFsvzCFe1hnjX3LBfr
MSotlG1ZZMlEdTZknRN9zEXbq9krGIWq+obcMeADAoGAA/YjRxDn+NQPmjUCgKqJ
xErZhrmhUQQA6wXROK2+JGNjhClGK51NofcA1x8ORTZqBNZTsgjFdKO7t/MRpgie
GpqkgENwqibkN1NnPSmWdltxpKJ/3mybr1UddONBzsZsuQee/K6f1uO82oMVuLpq
lOF591FVAzFnVyL+0xeMepECgYBozv7fxndGmtngLUs2
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw
AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/
-----END CERTIFICATE-----