Uberflip provides SSL certificates for hub domains through either Uberflip-managed or customer-managed methods. Uberflip-managed SSL uses free certificates from Let's Encrypt that are automated and simple to apply, while customer-managed SSL allows clients to use their own certificates which require sending PEM files to Uberflip for manual renewal. To identify the SSL method, check the domain settings page to see if the "Allow LE Cert" button is present or contact Uberflip support.

1. SSL for Hub
Domains
CX Fuel 🔥

2. Agenda
Today we will look at:
• What is SSL
How the hub domain utilizes the SSL
• Uberflip SSL Certs VS Customer Managed SSL Certs
Process of applying the UF LE SSL Cert
Process of applying Customer Managed SSL Certs
• How to verify which cert a domain is using

3. What is SSL
• SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer
Security), are protocols for establishing authenticated and encrypted
links between a web server and a web browser. Companies and
organizations need to add SSL certificates to their websites to secure
online transactions and keep customer information private and
secure.
• At Uberflip we apply SSL to the hub domains to ensure the domain
URL and all webpages on the hub are secure.

4. Uberflip Managed SSL Certs
VS
Customer Managed SSL Certs

5. Uberflip SSL Certs
• To set up SSL for Hubs, we use certificates from Let's Encrypt.
Benefits to clients:
• Free: Unlike traditional CAs, Let's Encrypt provides and validates
certificates at no cost
• Automated: The entire enrollment process for certificates is automated, as
is renewal of the certificate upon expiration
• Simple: With Let's Encrypt certificates, you don't need to worry about
payment, installation, or keeping track of expiring certificates

6. How to Apply the LE Cert
To apply the LE cert, click on your name in the top right corner of the
Uberflip app, then go to Account Settings > Services > Domains
Find the domain in the list, then click on the Allow LE Cert button that
appears beside it.
*Note: it takes overnight to apply

7. Customer Managed Certs
• Opts to using their own self-managed cert
• When cert expires, client is responsible for sending us a new cert to
renew, client required to send a PEM file to add the new cert on the
Uberflip end
-The PEM file should be sent to us securely using https://securesha.re/
• Major organizations tend to manage their own certs for security
reasons – they have dedicated security teams to handle these
requests

8. How to Apply the Customer Managed Cert
• When a customer provides us with a PEM file we file an OPs ticket to
inform the Infrastructure team with the file and password to manually
renew the cert.
Example of an Ops ticket:
• https://uberflip.atlassian.net/browse/OPS-12178
• This process can take up to 5 business days!

9. Can you switch between the two SSL
methods?

10. How to identify which SSL method a client is
using…

11. Questions?

12. Thank you!