HTTPS is a modern encryption protocol that creates a secure connection between your browser and the sites you visit. Our goal is to provide HTTPS (SSL) connections by default for all Docs sites.
SSL connections add an extra layer of browsing security, letting visitors know that data passed through your website is encrypted and unreadable by third-parties. Additionally, SSL connections prove authenticity, letting visitors know that they’re actually viewing your website, rather than a spoofed(fake) domain.
Your browser indicates a secure connection with a green padlock icon, or text that reads“secure” in the address bar. Secure URLs always start with
. For example, when using a custom CNAME, your secure Docs URL will look something like this:
About the Certificate
Docs SSL certificates are free, 90-day, Domain Validated certificates issued by
Let’s Encrypt allows organizations like Help Scout to obtain and manage SSL certificates on behalf of their customers. It’s important to note that Let’s Encrypt only offers Domain Validated(DV) certificates. Using Let’s Encrypt, we’re unable to provide Organization Validation(OV) or Extended Validation(EV) certificates.
Certificate renewals are triggered daily. Certificates due to expire within the next 30 days will automatically renew with a fresh 90-day certificate. There’s nothing you need to do to renew your certificate, and there is no impact to your Docs site when certificates are renewed.
SSL and Subdomains
HTTPS connections are also supported for Docs subdomains (helpscoutdocs.com). If you're not using a CNAME, you can point customers to the HTTPS version of your Docs site URL. For example: https://subdomain.helpscoutdocs.com. Subdomains also redirect to HTTPS by default.
What happens if our CNAME is updated?
CNAME updates will automatically trigger a new SSL certificate for the new CNAME.
What if I'm using Cloudflare to provide SSL already?
Toggling Flexible SSL off in favor of Full allows CloudFlare to connect to Help Scout over a secured connection. This will prevent Help Scout from generating a redirect in an attempt to secure the connection.