With Managed HTTPS, all Pantheon customers receive a dedicated HTTPS certificate and the option to configure encryption before launch.
Managed HTTPS utilizes APIs from the non-profit Let’s Encrypt to provision and manage certificates, of which Pantheon is a proud sponsor. Those certificates are then deployed and enforced with end-to-end encryption via our Global CDN powered by Fastly’s distributed points of presence. Global CDN leverages Fastly’s globally distributed points of presence to enable sub-second page loads, all with zero required configuration.
In the past, as many as 100 domains from various sites and customers were bundled together on a shared certificate. Now, every site environment on Pantheon receives its own unique certificate for HTTPS that is not shared with any other sites or customers.
In our current environment, an online presence is more important than ever. With dedicated certificates, every site environment receives its own certificate for HTTPS. This means you won’t have to worry about potential negative impacts on brand reputation because your domain is associated with a different customer.
Our team upgraded the underlying integration with Let’s Encrypt (from ACMEv1 to ACMEv2) and migrated everyone to dedicated certificates, all without customers needing to lift a finger, and with zero interruptions to HTTPS service.
No More Insecure Launches
If you’re on the web, encryption is not an option which is why in 2019 we started enforcing HTTPS by default. Sites without HTTPS are even penalized with poor SEO results. As part of this upgrade, you now always have the option to configure HTTPS before going live, eliminating gaps in security for you or your visitors.
We’ve also added a new way to verify your domain to make it easier to launch, so in addition to the file challenge method, you can now verify domain ownership by simply creating a DNS TXT record. Add a new domain to a site dashboard to see the new interface. For more details see our Launch Essentials Guide.
Go Forth and Make Awesome!
Pantheon continues to provide Managed HTTPS and Global CDN free of charge and now all customers get dedicated certificates and additional options during go-live. Never worry about an expired certificate, because it's always free and automatically renewed.
Configuring HTTPS before go-live means no more insecure launches. Automating HTTPS is one more way Pantheon frees you to focus on getting business results from your sites.
You might also like:
- How Decoupled Architectures Can Benefit the Entire Web Team, and Drive User Engagement
- Getting Started with WP-CLI
- Four Ways to Boost Engagement on Your Website