SSL certificates are automatically provided for all correctly directed domains on Squarespace, offering enhanced security and protection against hackers. This includes Squarespace domains, linked third-party domains, subdomains, and integrated domains.

SSL Certificate Requirements:

• Domain must be correctly linked or pointing to Squarespace
• Domain names must be 63 characters or less
• DNS records must be properly configured

Checking SSL Status:

1. Check domain panel for "Issued" status
2. Verify "Active" status in SSL panel
3. Visit your site to confirm SSL certificate

SSL Settings Options:

Secure (Recommended)

• Redirects all traffic to HTTPS
• Includes HTTPS in sitemap
• Improves SEO through HTTPS indexing
• Requires SSL-compatible browsers

Secure HSTS

• Maintains encrypted connections
• Prevents security attacks
• Recommended alongside Secure setting
• Helps avoid "connection not private" errors

Not Secure

• Allows both HTTP and HTTPS access
• Includes HTTP in sitemap
• Search engines index HTTP version
• May cause access issues if changed from HSTS

Technical Specifications:

• Uses Let's Encrypt for DV SSL certificates
• 2048-bit SSL encryption (except checkout)
• TLS version 1.2 for HTTPS connections
• 90-day certificate renewal cycle
• No support for HPKP
• No CSR required

Benefits of SSL:

• Enhanced visitor confidence
• Protection of sensitive data
• Potential performance improvements
• SEO advantages

Important Notes:

• Checkout pages always use SSL regardless of settings
• Custom code may cause mixed content warnings
• External SSL providers are not supported
• Subdomains receive separate certificates
• Account login details remain encrypted regardless of SSL settings

For any SSL-related issues, check DNS records and follow troubleshooting steps if warnings persist beyond 72 hours after configuration changes.

Related Articles

Previous Articles