85

Add HTTPS support for custom domains.

HTTPS support (allow uploading certificates for custom domains)

58 comments

  • Avatar
    Strikingly Tech
    Official comment

    Great news! We now fully support HTTPS for custom domains, for free, automatically. Read more here: https://support.strikingly.com/hc/en-us/articles/115000177902-Activate-HTTPS-SSL-for-Free

    It's available for all Pro/Limited users, and for all custom domains - whether or not you registered your domain on Strikingly.

    Please contact us on live chat or email us at support@strikingly.com if you have any questions.

  • 3
    Avatar
    Felix Mann
    I do not agree with the request being "Completed". My request explicitly states "for custom domains", in my opinion meaning "not purchased through strikingly". Furthermore I explicitly state that I want HTTPS support by "allowing uploading certificates for custom domains". Please re-open the ticket.
  • 2
    Avatar
    Martin Suchan
    Hi, any chance to use the Let's Encrypt project for issuing free domain certificates? It will be available in public beta in December: https://letsencrypt.org/ Ideally I'd like to just click "Enable HTTPS" in my site administration and rest will be done automatically.
  • 2
    Avatar
    Jompeame
    I really need this!
  • 2
    Avatar
    DBM
    Please add HTTPS for domains purchased elsewhere. Google is already using SSL as a ranking signal, meaning Strikingly sites are penalized relative to ones hosted at your competitors: http://googlewebmastercentral.blogspot.com/2014/08/https-as-ranking-signal.html Thanks for paying attention.
  • 2
    Avatar
    Justin Wilcox
    Heads up, I'm actually losing sales because HTTPS isn't supported. I use your Celery integration and a potential customer sent me a note today saying... "when I give my credit card number I always want to se "https" on the address line. I admit I do not understand many of the security issues in the web but exactly because of that I am being very cautious and usually buy a book from amazon rather than a page like this." Would be great if Strikingly supported HTTPS so I didn't have to ask myself, how many other potential customers am I losing out on.
  • 2
    Avatar
    Jay Stansell

    After 2 years I cannot believe this is still an open issue. 

    The cloudflare support article has been killed. "Happiness Officer" told me it's because cloudflare had a security bug. I found that ironic. We are talking about our customers entering credit card details on an unsecure, on a strikingly hosted site.

     

     

  • 1
    Avatar
    Anonymous
    how is this progressing, in comparison to other feature requests? do you have an ETA?
  • 1
    Avatar
    team
    I am planning to use the combination of gumroad with strikingly and I have been waiting for the SSL cert capability to make a seamless overlay integration. I strongly stated our desire to have this mandatory feature but I am surprised that even after a year, its still being debated.
  • 1
    Avatar
    Martin Suchan
    Hi, this is a must have feature, more important that any minor UI improvements mentioned elsewhere.
  • 1
    Avatar
    carles
    Hi, this is also jeopardizing our business. Many firms can't go on our website because it is not secure... Can you help us and solve this matter ? Thank you.
  • 1
    Avatar
    James Perkins
    Just to add to the few comments placed. We are also extremely keen for you to develop HTTPS functionality for purchased domains. It looks and we hope it is a priority.
  • 1
    Avatar
    Philippe Boupda
    We share the same remark and concern as Scott Stuart. We have already purchased our domains and we are eager to be able to test the HTTPS functionnality since it is somehow mandatory for our activity.
  • 1
    Avatar
    Scott Stuart
    where are you with this SSL ask?? It's really becoming a BIG issue and customers perceive SSL is needed on homepage regardless if transaction occurs on that page. Most of us have custom domains that were purchased long before Strikingly existed so it doesn't help that your beta is only for sites purchased on strikingly.
  • 1
    Avatar
    Daniel Layne
    While we don't actually transact on our site, even we want SSL for our domain (which we purchased before you guys even existed!). This is my #1 want from Strikingly - your product is amazing but this would give us a big warm feeling inside!
  • 1
    Avatar
    ross harling
    ssl is a must have
  • 1
    Avatar
    Alexandre Sieira
    Also, you should allow a site to be HTTPS only, including http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security support and permanent redirects of HTTP accesses to HTTPS ones. Which in my opinion should be the default setting, but then again I'm a paranoid security professional. :)
  • 1
    Avatar
    Scott Stuart
    WHy did i get email saying HTTPS is now being offered for custom domains only to see it's still just a beta for domains purchasef through strikingly! Very annoyiong as we've been asking for this for a while and I got to tell you it's looking more and more that we will switch to another provider as they're everywhere and offer ssl and other necesary things to sell on line. Please address asap!
  • 1
    Avatar
    Felix Mann
    Hi! I got a message telling me that custom domains will be supported soon. While this is great news (it's surely a step forward :)) this won't help my specific case as we have a custom domain. Therefore my request remains unchanged. I'll try to make peers in my area that are using strikingly aware so that they can actually vote for this functionality. Thanks!
  • 1
    Avatar
    Jyrki Nivala

    This is becoming urgent issue. Please add custom domain support soon. https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html

  • 1
    Avatar
    Brad Grier

    YES. We need this now. Someone from Strikingly please give us an update??

  • 1
    Avatar
    Strikingly Developer

    Google cannot tell if it's "flexible" or not. The insecure connection between CloudFlare and our servers is not visible to Google or any other search engines at all. So it does not affect ranking.

    What kind of "official certificate" are you referring to? If you are referring to your own SSL certificate, it is possible to upgrade on Cloudflare and do so but it's still flexible, which means the SSL cert will be on Cloudflare but not used between Cloudflare and our servers. And the upgrading price of Cloudflare is pretty high.

    We are still trying to figure out a solution to provide full SSL to everyone. Will keep you guys updated for sure.

     

  • 1
    Avatar
    Sean Young


    This issue is becoming acute. Clients have started asking,"why do visitors get this Security warning page??!?". I may not have any choice but to begin migration of sites away from Strikingly if this is not handled with urgency.

    Here is a Jan 2017 article on Google's latest move to shame the internet into full SSL compliance. It appears to be working.

    https://nakedsecurity.sophos.com/2016/09/09/google-to-slap-warnings-on-non-https-sites/

    My clients are forwarding me stuff like this:


     

     

     

     

  • 1
    Avatar
    Javy

    Same here. Please provide a solution to this issue. Otherwise, we will be forced to move as well.

  • 1
    Avatar
    Brad Grier

    For what it's worth, Strikingly helped me set SSL up with Cloudflare after some trail and error of me doing it myself. I've got the lock symbol and the secure site. A hassle but it's done. I agree this needs to be done in house if Strikingly wants to grow. 

    Secondly, it would be nice if someone from Strikingly would respond in this forum. It's the right thing to do for the customers that are threatening to leave. 

  • 1
    Avatar
    Ray

    Hi,

    Same here, https is really needed.

    Best regards,

    Ray

     

  • 1
    Avatar
    Dave Weatherall

    Hey, any update on this from the Strikingly team?

    I am a big fan of Strikingly but this has been disappointing. I would like some clarity.

    Are you working on a solution coming soon?

    If not, what else can we do? For example, do something with Cloudflare? At the very least, switch our domain/s to you guys (not ideal but I guess it might work)...

  • 1
    Avatar
    Happiness Officer

    We have a beta program for SSL, David. Send me the domain that you want to setup with SSL and I'll add you in! 

  • 1
    Avatar
    Happiness Officer

    Hi, Tommy! There shouldn't be. But since we're still on beta program, we're continually improving the experience. Would you like to try it out?

  • 0
    Avatar
    Wxh
    支持https
Please sign in to leave a comment.