Every Craft CMS project deployed on the Servd platform has its SSL certificates automatically generated so there's no need to set anything up manually or purchase your SSL certificates from another service.
Certificates for Development Domains
All of our development URLs (ending in servd.dev) are covered by wildcard SSL certificates which are attached to your projects as soon as they are created.
We don't automatically redirect development domains from http://to https:// to allow you to easily test with SSL enabled and disabled.
Self Signed Certificates For Custom Domains
Once you add a custom domain to a project Servd will automatically generate a self signed certificate for you.
If you try to access your project using the custom domain whilst in this state using http:// everything will work as expected.
We don't automatically redirect these domains to https:// to allow you to easily test with SSL enabled and disabled.
If you try to access your project using the custom domain whilst in this state any https:// URLs will cause your browser to complain about an invalid certificate. You can safely skip this warning to proceed.
Self signed certificates are valid for use behind a Cloudflare proxy so a domain in this state is fine to use with Cloudflare set to 'Full' encryption.
Certificates For Custom Domains
To create an externally signed certificate for your domain you first need to set up appropriate DNS records.
Once these have been set return to the Domains page in the Servd dashboard and click 'Check DNS Records' for the domain you would like to validate.
If your DNS records have been set up correctly and have propagated the validation will succeed.
The next time you Sync your project Servd will do several things:
- Generate a LetsEncrypt certificate for your domain
- Add a 308 redirect for any http:// traffic to https://
- Add HSTS headers to force the use of https moving forward
This process should take between 1 and 2 minutes and once complete your domain will be fully configured to use a valid SSL certificate and keep your visitors' data safe.