0

I have been considering getting an EV SSL certificate for my website, but I have some concerns about how this will interact with our planned architecture.

We were planning to serve our static files from Amazon's CDN (cloudfront) backed by an Amazon S3 bucket. My understanding is that as long as you use the full cloudfront domain rather than attempting to use a custom CNAME, ssl over cloudfront will be completely transparent to our users as long as we use the appropriate scheme when generating links.

With an EV SSL certificate, will everything still be transparent to users? We don't want to invest in getting a green bar just to lose it because we're linking content from another domain only authenticated by vanilla ssl.

schizodactyl
  • 103
  • 3

2 Answers2

2

I've used an EV cert on a couple of sites that get image content pulled from an alternate site. In my example config, https://site1.domain1.com/ is the main web site that users interact with and images are being delivered from https://site2.domain2.com/. At a basic level, this looks like the same type of site configuration you are talking about.

As long as everything is SSL encrypted, things should work as expected. If you have any absolute URLs pointing to http:// on the main site, you will lose the bar. I can't say if an accidental placement of an absolute http link to the secondary site will cause a problem (and I could only test this on my live sites and then I'd be looking for new employment :)

mahnsc
  • 1,776
  • 13
  • 11
1

We use an EV SSL with Cloudfront CDN and it's a waste money. Cloudfront will support the EV SSL, but we have to upgrade to the $200/month plan. That's a lot of money for a green bar. It does help conversions, but I don't think it would cover the $200/month to Cloudfront. So if Amazon offers a CDN that will work with the EV SSL (Basically you would have to give the CDN a copy of your private key for distribution into it's network) then you can keep the green bar. Otherwise it's a waste of money.

nada
  • 11
  • 1