Fotomerchant offers free SSL certificates for all Fotomerchant Domains and third-party custom domains connected and pointing to a Fotomerchant website. This is provided at no additional cost to a Fotomerchant subscription.
With SSL enabled automatically, your website visitors are given a secure connection on every page of a Fotomerchant website. This will appear as a green padlock in the web browser used:
Within 1 hour of connecting a Fotomerchant account to a Fotomerchant Domain or third-party custom domain, Fotomerchant will automatically issue an SSL certificate for your website. If your third-party domain does not show a secured connection with a green padlock within this time frame, please review the below guide for Domain is not secure.
This guide will also assist you in ensuring your website visitors continues to have a secure connection throughout your site.
What is SSL?
Secure Sockets Layer, or SSL, is a technology that secures the connection between a browser and the website you’re visiting. To verify that SSL is protecting a page, look for a URL beginning with https://, instead of http://, and a green padlock icon.
This allows visitors to navigate the website and submit information through a secure connection.
It may also help more visitors find your website since in 2014, Google announced that SSL-secured websites would potentially enjoy a rankings boost in their search results.
What is a third-party custom domain?
A third-party custom domain is a domain that was purchased through domain registrars such as Crazy Domains, GoDaddy, Melbourne IT and so forth.
This domain is managed outside of a Fotomerchant account and is connected to a Fotomerchant website by updating it's DNS records.
What is Mixed Content?
Mixed content is when a secured (https) page loads content from an insecure (http) connection. Insecure content can come from:
- Assets and media links
- Third-party tools
- Custom code
When mixed content is detected on a web page, the web browser cannot show a green secured padlock to the website visitor. Instead it will generally show a grey padlock instead:
In this situation, you will need to review the content of the web page to ensure:
- All links to images, videos and third-party tools such as Forms use "https://" in the web address and not "http://".
- All Assets links copied from a Fotomerchant account from the Website > Assets area use "https://" in the link. If Asset links contain just "http://", then you may need to go back to the Website > Assets area of the account to get an updated secure link to use instead.
Since mixed content on your website degrades HTTPS site security, visitors may see a browser warning when they load mixed content from your site. To avoid this, make sure to review your website content and avoid "http://" links where possible.
SSL and the Shopping Cart
If you have the shopping cart turned on for your Fotomerchant website, your checkout pages are protected by SSL to keep your customer credit card data safe and secure.
When a customer checks out on your store, they’ll see a green secured padlock icon in their browser.
Domain is not secure
A Fotomerchant website may appear with the following warning when accessed in the browser:
There are two reasons this may occur:
- Sufficient time has not passed since the Fotomerchant Domain was purchased through Fotomerchant. Please allow up to 1 hour for this process to complete, for an SSL certificate to be automatically issued to your website.
If more 1 hour has passed and your Fotomerchant purchased domain still does not appear secured, please contact our support team at email@example.com.
- If you are using a third-party custom domain and more than 1 hour has passed since it was connected to your Fotomerchant account, then there may be issues with the DNS records for your domain that is conflicting with this process.
This can be resolved by checking that your domain has the following DNS records:
DNS Record Type Name Value A @ - points to - 188.8.131.52 A @ - points to - 184.108.40.206 A * - points to - 220.127.116.11 A * - points to - 18.104.22.168 CNAME www - points to - customerdomain.fotomerchant.com
All records listed above must exist for a Fotomerchant domain to properly validate an SSL certificate for your domain.
If more A records than the ones listed above appear for a domain, then the SSL process cannot properly validate your domain.
You can check and test the DNS records for your domain by using a tool such as WhatsMyDNS.net. This tool should show results exactly like this for your domain:
If you seem more results in WhatsMyDNS than is shown above, you may need to delete DNS records from your Domain's DNS settings to resolve this issue.
Please contact our support team at firstname.lastname@example.org if your need assistance with this process.
Do I need a Fotomerchant Domain to use SSL?
No. SSL is available for any Fotomerchant Domains and third-party domains connected to your account. If you have a third-party domain, ensure that the domain is properly connected to your site by confirming your CNAME records and A records. See above in Domain is not secure
for more details.
Can I use a custom certificate?
No. It isn’t currently possible to install a custom SSL certificate on a Fotomerchant site.
Will SSL work for subdomains?
Yes. Fotomerchant will create a certificate for a custom domain and subdomain connected to your account, whether it’s a Fotomerchant Domain or hosted by a third party. This also true for the "www" version of your domain, if you're using it separately from your top level domain.
Will SSL work on mobile browsers?
Yes. Your site is will be protected by SSL as long as your visitors are using a supported browser.
How long does it take for my website to have an SSL certificate issued?
Please allow up to 1 hour for Fotomerchant's automated systems to issue an SSL certificate for your website.
Will SSL slow down my site?
You may notice a slight difference in site load time over HTTPS, as the secure connection takes time to authenticate the certificate and validate the site. In most cases, the difference is very minor.
I see a certificate error for my third-party domain, but my DNS settings are correct.
If you're seeing an error for your third-party domain, but you've already checked your records, we might not be able to issue a certificate because of a problem with your domain provider. To fix this, please contact our support team at email@example.com for assistance.
I’m using a third-party SSL provider for my site. Should I disable it?
If you’re using an external provider for SSL, like CloudFlare, you can disable this and use Fotomerchant’s automatic SSL certificate for custom domains. However, note that Fotomerchant can’t generate a certificate for your domain until you point your domain to our servers. Your site’s existing HTTPS traffic will be unavailable while your DNS changes propagate and Fotomerchant generates the certificate. During this time, you may see a certificate error when visiting your domain.
Can I disable SSL?
No. It’s not possible to remove SSL certificates for your custom domains, as this keeps your site secure and ensures the best experience for your visitors.