Magento TLS/HTTPS setup & hardending

June 30, 2018 is the deadline for disabling SSL/early TLS and implementing a more secure encryption protocol – TLS 1.1 or higher (TLS v1.2 is strongly encouraged) in order to meet the PCI Data Security Standard (PCI DSS) for safeguarding payment data.

source: https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls

July 30, 2018 New release of Chrome 68, “Not secure” label appears to the left of the URL for every page loaded over HTTP.

source: https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html

Use our service to implement strong TLS for your Magento store. If you have no TLS(SSL) certificate, we issue a new domain verified TLS/SSL certificate for your store on our own. The procedure is as follows:Magento SSL lock
  • you submit the TLS/SSL certificate installation request with this form
  • we verify access details and issue a new TLS/SSL certificate if needed (RSAsha256 or ECDSA)
  • we notify you about starting installation process
  • we configure your web-server to
    • use your new TLS/SSL certificate
    • disable deprecated TLSv1.0, SSLv2, SSLv3 protocols
    • use optimal SSL cipher suite in server-side preferred order
    • we configure Magento to use HTTPS for admin, checkout and frontend if needed (according to the options in your request form)
    • we adjust theme header/footer templates with hardcoded plain HTTP includes to use HTTPS when served over HTTPS
    • we verify the installation with industry standard Qualys SSL test and provide you the verification link
    • you confirm the installation
    In case of unsatisfactory results and incapable/shared web-server that can not be configured properly, payment transaction is rolled back (full refund).

    This form will initiate the SSL certificate installation procedure.

    What is your e-mail address?

    What is the main domain (Base URL) of your Magento store?

    What are add-on domains or subdomains that run on your Magento store?

    Folder on your Magento installation where we can find the TLS/SSL certificate to be installed
    (if this field empty we just issue a new TLS/SSL certificate):


    Please leave this field empty.

    Access details:

    $50Buy now with PayPal