SSL is automatically enabled for all correctly pointed domains to Squarespace sites, providing free enhanced security protection. This automatic protection extends to Squarespace domains, third-party domains, subdomains, and children's domain names.

For SSL certificate eligibility:

• Third-party domains must be correctly connected
• Squarespace domains must redirect to a Squarespace site
• Domain names must be 63 characters or fewer

To check SSL certificate status:

1. Open domain names dashboard and verify certificate status is "Issued"
2. Check SSL panel for "Active" status
3. Visit your site's SSL address

SSL Settings Options:

Secure (Preferred)

• Default setting with HSTS enabled
• Redirects all visitors to HTTPS
• Includes HTTPS links in sitemaps
• Benefits SEO through HTTPS indexing

HSTS Secure

• Recommended additional security layer
• Encrypts connections
• Prevents impersonation attempts
• Prevents "Your connection is not private" messages

Insecure

• Allows both HTTP and HTTPS access
• Includes HTTP links in sitemaps
• Search engines index HTTP version
• May cause temporary access blocks when changing settings

Technical Specifications:

• Let's Encrypt certificate authority
• DV (Domain-Validated) SSL certificate
• 90-day renewal cycle
• 2048-bit encryption
• TLS version 1.2
• No HPKP support
• Automatic certificate issuance

Key Benefits:

• Enhanced visitor trust
• Data encryption protection
• Improved site loading speed
• Better SEO performance
• Secure payment processing
• Protection for form submissions

Important Notes:

• SSL cannot be disabled
• Works with all subdomains
• Login credentials are always encrypted
• Certificate processing may take up to 72 hours
• Third-party SSL certificates are not supported
• Mixed content warnings may occur with custom code

For any SSL-related issues, consult the SSL Troubleshooting page for detailed solutions and guidance.

Related Articles

Previous Articles