Wikispaces Private Label uses SSL encryptionfor authentication requests--that is, the process of users logging in and out with their password-- by default. You can also turn on on SSL encryption for all data traveling between your site and your users if you choose.
How do I set up SSL for my Private Label site?
Before you can enable SSL encryption, you will need a certificate to apply to your site. Our costumers typically purchase their own wildcard SSL certificate along with a custom domain (e.g.,companywiki.com). You can purchase wildcard SSL certificates from a variety of vendors, for approximately $200 per year. NameCheap.com is one vendor who provides a variety of affordable certificates, though any vendor's wildcard certificates will work with Wikispaces Private Label.
The certificate must be a wildcard certificate that matches the site domain exactly:
- If your site domains is wiki.companywiki.com, your certificate must be for *.companywiky.com
- A wildcard certificate that does not match your site domain-- such as *.companywiky.com or wiki.companywiki.com-- will not work properly
- This restriction, unfortunately, is out of our control: this is how modern browser interpret SSL certificates.
To complete the installation of the certicate, we sill need it in PEM or Apache format along with the unencrypted private key the certicate was generated from. When you are ready to provide your certificate, contact us at firstname.lastname@example.org or 414-863-8919. Do not send these files via email. Doing so compromises the security of the certificate. Instead, just let us know you're ready and we will provide a source a secure form for uploading the files.
It's also possible yo use a wildcard certificate for your domain on wikispaces.net. Please contact us if you are interested in this option.
Why do I need separate SSL certificates?
Nearly all modern browsers requiere that a wildcard SSL certificate match the "level" of the domain you're browsing. For example, the wildcard certificate for *.example.com is invalid for the URL http://marketing.wiki.example.com-- the correct certificate for this URL would be *.wiki.example.com.
Can I generate my own self-signed SSL certificate?
You can; however, each visitor your site will need to accept the certificate in their browser, as it will not be signed by a certificate authority.
Still have questions? Send us an email at email@example.com