Securing custom domains with security certificates
To secure a custom domain (such as www.nycs.net instead of nycs.wildapricot.org), you need to obtain a custom security certificate that Wild Apricot staff can install on your site. After that, you can set your traffic encryption to Always. If you use a custom domain without purchasing a security certificate, visitors who access your site by manually entering https will typically see a security warning displayed by their browser (e.g. "not secure" or "connection not private"). They can ignore it and use the site but may be scared away by the warning.
Obtaining a free Let's Encrypt certificate
Let's Encrypt offers free security certificates for custom domains. Since installing security certificates from Let's Encrypt is simpler than installing certificates from other vendors, Wild Apricot does not charge an installation fee or a renewal fee for security certificates from Let's Encrypt.
To get a security certificate from Let's Encrypt installed on your Wild Apricot site, have a full account administrator send an email requesting a security certificate from Let's Encrypt to Wild Apricot support, and include your custom URL and Wild Apricot account number in the message. We'll let you know once it's installed.
Obtaining a security certificate from any other vendor
The cost of a one-year security certificate from a vendor other than Let's Encrypt begins around $100. To install the security certificate from a vendor other than Let's Encrypt on your custom domain, we charge an initial fee of $50 and a renewal fee of $50.The steps involved in purchasing and installing a custom security certificate from a vendor other than Let's Encrypt are as follows:
- Choose a security certificate vendor. You should avoid purchasing certificates from WoSign and StartCom. They are no longer considered to be trusted authorities. For details, click here.
- Have a full account administrator send an email to Wild Apricot support and provide the following information:
Country/region Name (2 letter code)
You can find your two-digit country code at: www.digicert.com/ssl-certificate-country-codes.htm
State/province (full name)
The legally registered name of your organization/company (maximum 64 symbols, including spaces).
Organizational unit name
The name of your department within the organization (frequently this entry will be listed as "IT," "Web Security," or is simply left blank).
The name/domain through which the certificate will be accessed (usually the fully-qualified custom domain name e.g. www.domain.com. Note some vendors might not generate the SSL certificate for both www.domain.com and domain.com, so be sure to specify the main domain you would like to use).
- Our support representative will generate and email you a CSR (Certificate Signing Request). You can use the CSR to order an SSL certificate from your vendor. For security reasons, we cannot accept the sharing of the SSL private keys, or install on our servers SSL certificates that were not based on our Certificate Signing Requests (CSRs).
- Visit your vendor's website and use the CSR to order your certificate. Make sure the SSL certificate you purchase is for Apache or Nginx, and make sure your vendor includes the following statements in the SAN (Subject Alternative Name) section of the certificate so that it applies to your website's URL with and without the www: DNS Name=www.yourdomain.com DNS Name=yourdomain.com
- After receiving the SSL certificate from your vendor, email it to us – usually it is an archive file or CRT/CER files provided by certificate vendor – and separately send the intermediate certificate file.
- After we receive the certificate from you, we'll install it on your website and let you know when we're done.
- Finally, we will instruct you to update your custom domain's DNS settings. We'll provide the details but you'll need to contact your domain name provider, or access your domain registrar account online, to perform this step.
Once the process is complete, we'll invoice you for the installation fee.
Secure site seals
When you purchase a security certificate from a vendor, you are usually entitled to display the branded seal on your site to let visitors know your site is secure.
For information on obtaining the HTML code to display the seal on your site, visit your vendor's website. The following links provide information on obtaining the code from some of the more popular vendors: