Introduction - What is HTTPS?

We’re often asked why it’s essential to make landing pages “secure”. Secure means that pages are served as HTTPS instead of HTTP. The short answer is that HTTPS has become the standard, it’s expected and in some case required for serving web pages.

Hypertext Transfer Protocol Secure (HTTPS) adds a layer of security on the data in transit from a web page to a browser through a secure socket layer (SSL) or transport layer security (TLS) protocol connection.

In brief, here are a few important reasons:

• HTTPS is becoming a requirement. Browsers have begun to flag HTTP sites as insecure. That doesn’t create the best impression to your users.
• HTTPS protects your user’s privacy by preventing intruders from passively listening to communications between your websites and users.
• HTTPS prevents others from injecting information (scripts, images, or ad content) into your web pages and into the user’s browser. Folks with malicious intent could even include inject malware over insecure sites.

Instructions to Implement HTTPS

To implement HTTPS support for your eTrigue landing pages, refer to the table below to determine the scenario that is applicable to your organization’s situation.

Scenario 1 - Purchase a new SSL Certificate

Your organization purchases a SSL certificate from a 3rd Party Certificate Authority, such as GoDaddy, Verisign, Digicert, GeoTrust, etc. This SSL certificate will then be applied to your landing page subdomain to support HTTPS.

1. Send an email to the eTrigue Success Team at success@etrigue.com and provide the following information to generate a Certificate Signing Request (CSR). The CSR is required to start the SSL certificate purchase process:
   
   
   1. Country Name (Standard 2 Letter Country Code; example: US for United States):
   2. State or Province Name (example: California):
   3. Locality Name (example: San Jose):
   4. Organization Name (example: Company Inc.):
   5. Organization Unit (example: IT Department):
   6. Common Name (Name of the domain to secure: example: go.domain.com):
   7. Email Address (example: IT_department@company.com):
      
      
2. After we have received the information above, we will return a CSR to your organization via email.
   
   
3. Choose a Certificate Authority (CA) of your choice and use the CSR to purchase a SSL certificate. If your CA prompts you to specify a server type, choose Apache (+ModSSL).
   
   
4. Send the purchased certificate to success@etrigue.com.
   
   IMPORTANT: It is strongly recommended that users provide the certificates within a zip attachment (.zip).
   
   Users should password protect the zip file before sending it to success@etrigue.com and call the Customer Success Team at 408-490-2903 to provide their password over the phone.
   
   
5. We will apply your certificate to your landing page subdomain to support HTTPS.
   
   Please allow for 2-3 business days to complete. A confirmation email will be sent to let you know when the work is completed.

Scenario 2 - Use Your Existing Wildcard SSL Certificate

If your organization maintains a wildcard SSL certificate for your main domain, the same SSL certificate can be used to secure your subdomain if the root domain is the same.

1. Provide the following to success@etrigue.com: 
   • the wild card SSL certificate
   • any Intermediate certificates
   • the Private Key used to generate the SSL certificate (your CA Authority should have provided this key)
     
     IMPORTANT: It is strongly recommended that users provide the certificates within a zip attachment (.zip).
     
     Users should password protect the zip file before sending it to success@etrigue.com and call the Customer Success Team at (408) 490-2903 to provide their password over the phone.

2. After all items have been received, we will apply your certificate to your landing page subdomain to support HTTPS.
   
   Please allow for 2-3 business days to complete. A confirmation email will be sent to let you know when the work is completed.