To enable HTTPS on your Mendix custom domain, you need to get a certificate from a Certificate Authority (CA). Signed certificates are not cheap--they can average $1,000 (USD) annually to obtain and renew each year. There is a free alternative to the widely accepted and expensive CAs:
From Let's Encrypt: Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG). We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web.
The key principles behind Let’s Encrypt are:
The best way to use Let’s Encrypt without shell access to the web server is by using built-in support from your hosting provider (i.e. Mendix Cloud). If your hosting provider offers Let’s Encrypt support, they can request a free certificate on your behalf, install it, and keep it up-to-date automatically.
https://letsencrypt.org/getting-started/
Nothing beats "free" i guess. But a similar SSL cert to LetsEncrypt certainly doesn't cost 1000 USD/year. You can get them for 5-30 USD/year. Just google for "cheap SSL certs".
Nonetheless, support for LE in mendix cloud is definitely a plus.
Peter, multiple times in the forums possibly but still not any movement from the development team in 6 years...
Hi Ned, this idea is already found multiple times in the idea forum:
- https://community.mendix.com/link/space/security/ideas/398
- https://community.mendix.com/link/space/app-development/ideas/1872