Status Pages with SSL

Every status page comes with SSL termination when using a subdomain at status.io. For example: https://yourname.status.io would be encrypted using the *.status.io wildcard certificate.

If you’d prefer to implement SSL using your own domain, you will have to prepare and upload your certificate. Optionally, you can use a dedicated certificate generated by Amazon.

Activating SSL (Dedicated Certificate from Amazon)

Request your certificate from the SSL tab in the Status.io Dashboard.

After clicking the request button, a DNS record will be provided. Add this record to your DNS zone to complete the validation process.

The certificate will be automatically generated once the DNS record is validated. No further action is required.

Note: If you’re using Certificate Authority Authorization (CAA) records to specify the certificate authorities (CAs) that can issue certificates for your domain, add a CAA record to authorize amazon.com.

Activating SSL (Customer Provided Certificate)

Upload your certificate from the SSL tab in the Status.io Dashboard.

Your SSL certificate and key pair must be in the PEM format to implement SSL with your status page.

The order of your certificate is important. Copy the PEM encoded text in the following order:

  • Certificate
  • Private key
  • Certificate chain (CA root and intermediate)

Certificate Requirements:

  1. The size of the public key in an SSL/TLS certificate cannot exceed 2048 bits. (This is not the number of characters in the public key.) You can determine the size of the public key by running the following OpenSSL command: openssl x509 -in path and filename of SSL/TLS certificate -text -noout
  2. The private key must match the public key that is in the certificate.
  3. The private key cannot be encrypted with a password.
  4. The private key also must be an RSA private key in PEM format.

Notes:

  1. HTTPS connections require a minimum TLS version 1.1.
  2. We use SNI for handling SSL connections to status pages. All modern operating systems and browsers support SNI.