Using SSL with Ezoic

Modified on: Sat, 4 Jul, 2020 at 11:25am

Jump to:

Overview

Nameserver Integration:

    i) Publishers with a pre-existing SSL certificate

    ii) Publishers without a pre-existing SSL certificate

Cloudflare Integration

    i) 'Full'

    ii) 'Flexible'

   iii) 'Strict'



Overview


SSL is fully compatible with Ezoic’s technology for publishers who integrate via the name server or CloudFlare method. SSL is incompatible with the WordPress Plugin integration method. 


When integrating with the platform at a DNS level, we need to make sure that Ezoic has the correct configuration set up so that you can continue serving the site securely on both your original setup and the Ezoic version. This article will tell you how your SSL settings should automatically be configured depending on your integration method. 


For more information on why you should have a SSL certificate click the link below:

Learn more about SSL and moving your site to HTTPS here.



Name Server integration:


i) Publishers with a pre-existing SSL certificate:


When integrating with Ezoic, your SSL certificate is uploaded onto your site’s server. When the client initiates an HTTPS request, Ezoic uses the SSL certificate and decrypts the request. Ezoic then makes a call using HTTPS to your origin server to get the site contents, optimizes the page, and then returns the contents to the user. 


Checklist:


  • Your site is integrated with Ezoic and using Ezoic name servers

  • Your site has a SSL certificate on the server

  • Your SSL certificate is valid

  • You have downloaded the SSL App within Ezoic’s dashboard found under the Settings tab

  • The 'full' option has been chosen.


image


image


ii) Publishers without a pre-existing SSL certificate:


The client initiates an HTTPS request, Ezoic has the SSL certificate and is able to decrypt the request. Ezoic then makes a call using HTTP, unencrypted, to your site’s origin server to get the contents. Following this, Ezoic will optimize the page, encrypt the contents and return this information to the user. 


Checklist:


  • Your site is integrated with Ezoic using Ezoic name servers

  • Your site does not have a pre-exisiting SSL certificate on your server

  • Your hosts (which can include subdomains) have been added in the SSL app to generate Ezoic Certificates

  • You have chosen the 'Flexible' option

  • You can select to automatically redirect all http requests to https after verifying that the https is working on the site (change http to https in the URL).


image



image



Cloudflare Integration: 


To integrate via Ezoic's CloudFlare app, if you have an SSL provided by CloudFlare you need to make sure the SSL app at Ezoic reflects these settings at Cloudflare, for example "Strict", "Full", or "Flexible". 


i) 'Full'


The client initiates an HTTPS request. The request goes to Cloudflare first. Cloudflare decrypts the request and then forwards it to Ezoic as an HTTPS request. Ezoic also has the SSL certificate and decrypts the request. Ezoic then makes a call using HTTPS to the site’s origin server to get the content, optimizes the page, and then returns the content to Cloudflare, who returns this information to the user.


Checklist


  • Integrate your site with Ezoic via the Cloudflare app (using Cloudflare name servers) 

  • Your site is using Cloudflare 'Full' (or 'Strict') SSL

  • SSL Certificate/Key are uploaded to Ezoic or SSL app is installed in Ezoic’s dashboard.


ii) 'Flexible'


The client initiates an HTTPS request. The request goes to Cloudflare first. Cloudflare decrypts the request and then forwards to Ezoic as an HTTP request. Ezoic receives the un-encrypted request. Ezoic then makes a call using HTTP to the site’s origin server to get content, optimizes the page, and then returns the contents to Cloudflare. Cloudflare encrypts the response to return to the user.


Checklist


  • Your site is integrated with Ezoic via Cloudflare app (using Cloudflare name servers)

  • Your site is using Cloudflare 'Flexible' SSL

  • No action required in Ezoic dashboard.


iii) 'Strict'


A publisher with a pre-existing SSL certificate and is using CloudFlare may see that their settings are set to strict. This works in the same way that the full setting would except it means that the origin SSL certificate MUST be valid. The client initiates an HTTPS request. The request goes to Cloudflare first. Cloudflare decrypts the request and then forwards it to Ezoic as an HTTPS request. Ezoic also has the SSL certificate and decrypts the request. Ezoic then makes a call using HTTPS to the site’s origin server to get the content, optimizes the page, and then returns the content to Cloudflare, who returns this information to the user.


Checklist


  • Your CloudFlare settings are set to strict.
  • Your origin certificate is valid:
  • Unexpired
  • Issued by a trusted certificate authority
  • Contains a common name or subject alt name that matches the requested host name.


Loading ...