SSL certificates automatically protect domains pointed to Squarespace sites, enhancing security and preventing unauthorized access. Here's what you need to know about SSL certificates and how to manage them effectively.

SSL Certificate Requirements

• Available for Squarespace Domains, third-party linked domains, subdomains, and integrated domains
• Domain must be correctly pointed to Squarespace
• Domain names must be 63 characters or less
• External domains need proper DNS records

Checking SSL Status

1. Check Domains panel for "Issued" status
2. Verify "Active" status in SSL panel
3. Visit your site to confirm the certificate

SSL Security Settings

Secure (Recommended):

• Redirects all traffic to HTTPS
• Includes HTTPS in sitemap
• Benefits SEO
• Requires SSL-compatible browsers

Secure HSTS:

• Maintains encrypted connections
• Prevents security breaches
• Recommended for optimal security

Not Secure:

• Allows both HTTP and HTTPS access
• Includes HTTP in sitemap
• Used for domains pre-October 2016

Technical Specifications

• Let's Encrypt certification authority
• 2048-bit SSL encryption
• TLS version 1.2
• 90-day certificate renewal
• No HPKP or CSR required

Commerce Security

• Checkout pages always SSL-protected
• Level 1 PCI compliance
• 128-bit SSL encryption
• Custom domain visible in checkout URL (Basic/Advanced plans)

Managing Custom Code

• Address mixed content warnings
• Update HTTP resources to HTTPS
• Ensure third-party integrations are SSL-compatible
• Test custom code thoroughly

Benefits of SSL

• Enhanced visitor trust
• Data encryption
• Improved site performance
• Better search engine ranking
• Protection against cyber threats

Troubleshooting Tips

• Allow up to 72 hours for certificate updates
• Verify domain pointing
• Check DNS records
• Monitor browser warnings
• Ensure proper subdomain configuration

External SSL providers are not supported - use Squarespace's built-in SSL protection for optimal security and performance.

Related Articles

Previous Articles