|QUOTE (GMaster479 @ Mar 11 2017, 02:34 PM)|
|So what are your plans for making this work with custom domain names? Will it be something in the Domain Control Center for the ACP or would it be something we do through our own registrar (namecheap for example)?|
The conundrum with domain names is that each domain needs its own SSL certificate.
We paid for all jcink domain users since it was a wildcard certificate through SSLTrust. Our *.jcink.net certificate was an "expensive" one ($400), but the cert covers everyone for 3 years.
Standard domain name certificates namecheap for SSL are only $9.00/year per domain name. Not so bad, but a significant cost increase yearly for someone who has. And every year the certificate expires, it needs to be renewed and sent to us and I'll have to manually insert their cert.
Ideally what I would like to do for domain owners is utilize a free solution called Let's Encrypt instead ( https://letsencrypt.org/
). A problem with those certificates however, is that they only last 90 days. So a board owner would need to generate a new certificate every 90 days, then give it to us.
Obviously this adds a LOT of labor and inconvenience, along with "complexity", and the first option is less labor for us and the board owner, but adds cost.
The ultimate solution would be a way to enter a lets encrypt account's details into the Admin CP, and have our server automatically go to their site via some API and "create" a cert then load it in. This will take some time to fully implement and I'm not even sure I'll have this implemented by the end of this year.
I will, at the very least I think be ready to accept yearly certificates sometime during the summer via email/support ticket, probably toward the end. Initially we were not planning on going full HTTPS for another year even for the jcink domains, but the decision was made that this would be best for everyone and will make switching to HTTPS less painful when browsers finally "drop the hammer" on HTTP years in the future.