To fully customize your portal, TalentLMS lets you map a custom domain instead of using the default TalentLMS domain. However, for your website to be secure and certified as safe for users and visitors, you need to set up an SSL (Secure Sockets Layer) connection.
SSL certificates are used to establish a secure encrypted connection between a server (i.e., the website) and a web browser (i.e., the end user's computer). An SSL connection protects all the sensitive data (i.e., passwords, etc.) exchanged during sessions (i.e., visits to the website). At the same time, it boosts credibility by labeling a website as safe and trustworthy (i.e., the lock symbol next to the URL).
In theory, one can use a self-signed SSL certificate to secure their connection. However, most systems, including browsers, don’t trust self-certified certificates. Instead, they rely on trusted third-party entities known as Certificate Authorities (CA) to vouch for the authenticity of an SSL certificate (nearly always for a fee). There are many types of SSL certificates and many providers to choose from.
TalentLMS offers you two options for securing and certifying your custom domain:
- Use our SSL certificate by LetsEncrypt.
- Use an SSL certificate by the CA of your choice.
Let’s have a closer look.
Activating SSL for a custom domain requires a certain level of technical expertise and collaboration between your team and ours.
A. Activate your SSL certificate for your custom domains
From TalentLMS 3.5 onwards, we have simplified the SSL activation process by integrating with LetsEncrypt to offer you a SSL certificate for your custom domain. This is enabled by default for Basic, Plus and Premium plans.
|Note: Due to restrictions by the LetsEncrypt service, our SSL certificate can cover up to 100 different hostnames. If your portal has or is expected to have more than 99 branches, then you must issue your own wildcard SSL certificate.|
B. Use your own SSL certificate for your custom domains
First, you need to choose one of the many acclaimed Certificate Authorities such as GeoTrust, Comodo, Symantec, and Thawte. For your convenience, all major domain providers (e.g., GoDaddy, NameCheap) let you purchase an SSL certificate from various CAs directly from your admin interface.
|Note: You can use your own SSL certificate with one of the Plus, and Premium plans only. However, there’s an additional cost attached due to the required manual work. To learn more, please contact our support team.|
After selecting your provider, just follow these steps:
1. Make sure you have properly mapped your custom domain to TalentLMS (see this article) to be able to obtain an SSL certificate for that domain.
|Note: If your portal has branches, you have to get a wildcard (or STAR) certificate to handle all custom domains.|
2. Contact us to provide you with a CSR (Certificate Signing Request). CSR is the message you send to a Certificate Authority when applying for a digital certificate.
To produce your CSR we need the following data:
- Hostname (i.e., the custom domain you have mapped to TalentLMS)
- E-mail address
- Organization name
- Organizational Unit (optional)
- State or Province
3. Contact your SSL provider directly and use the CSR (source: Apache mod_ssl) to proceed with the SSL certificate generation process (this may vary among SSL providers).
4. Send us your SSL certificate to install it to our backend for your SSL connection to become active.