Status Pages with SSL
Every status page comes with SSL termination when using a subdomain at status.io. For example: https://yourname.status.io would be encrypted using the *.status.io wildcard certificate.
If you’d prefer to implement SSL using your own domain, you will have to prepare and upload your certificate. Optionally, you can use a dedicated certificate generated by Amazon.
Activating SSL
Option 1: Dedicated Certificate from Amazon
Request your certificate from the SSL tab in the Status.io Dashboard.
After clicking the request button, a DNS record will be provided. Add this record to your DNS zone to complete the validation process.
The certificate will be automatically generated once the DNS record is validated. No further action is required.
Note: If you’re using Certificate Authority Authorization (CAA) records to specify the certificate authorities (CAs) that can issue certificates for your domain, add a CAA record to authorize amazon.com.
Option 2: Customer Provided Certificate
Upload your certificate from the SSL tab in the Status.io Dashboard.
Your SSL certificate and key pair must be in the PEM format to implement SSL with your status page.
The order of your certificate is important. Copy the PEM encoded text in the following order:
- Certificate
- Private key
- Certificate chain (CA root and intermediate)
Certificate Requirements:
- The size of the public key in an SSL/TLS certificate cannot exceed 2048 bits. (This is not the number of characters in the public key.) You can determine the size of the public key by running the following OpenSSL command:
openssl x509 -in path and filename of SSL/TLS certificate -text -noout
- The private key must match the public key that is in the certificate.
- The private key cannot be encrypted with a password.
- The private key also must be an RSA private key in PEM format.
Notes:
- HTTPS connections require a minimum TLS version 1.1.
- We use SNI for handling SSL connections to status pages. All modern operating systems and browsers support SNI.
Example Certificate
-----BEGIN CERTIFICATE----- MIIGEzCCG/EgAwIAAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCB iDELMAkGA1UEBhMCVVMxEzARBgNV5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLv xvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38 sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyAL 6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhY LcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5 yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K 00u/I5sUKUErmgQfky3xxzlIPK1aEn8= -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- MIIEatGAACLCAQEAvMTyNuLny8dHuzc2MaJkeMpF1tUW+gLZ9zJXlO0g7cDCrhY2 /c1gXO23bAIhH+DZZaQIoTuriIC9c36WLRVNoDzrTexDf2SUXxqYdSsQRPLHrfWV fpekKdmU40BNWYzwea7+w7h8vdGF4Vddq25we5qywQvJtCaYQXQA/YXZqGKSmG/3 R0W1kNxGhNwMx96p3hKxl9k6i8RhxN/AlW5wMi322OvSRXtSEhqoyVx+3fkqc8Pk 6wNx0lJhAoGFXithnvretaLOp6RH+lvDj9qqJHp9HT3X73OFsvzCFe1hnjX3LBfr MSotlG1ZZMlEdTZknRN9zEXbq9krGIWq+obcMeADAoGAA/YjRxDn+NQPmjUCgKqJ xErZhrmhUQQA6wXROK2+JGNjhClGK51NofcA1x8ORTZqBNZTsgjFdKO7t/MRpgie GpqkgENwqibkN1NnPSmWdltxpKJ/3mybr1UddONBzsZsuQee/K6f1uO82oMVuLpq lOF591FVAzFnVyL+0xeMepECgYBozv7fxndGmtngLUs2 -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV 3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV 3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ -----END CERTIFICATE-----