HTTPS Certificates

HTTPS should be enforced on every public endpoint (here’s why). There are a number of ways to get certificates for systems at TTS, depending on what infrastructure you’re using:

  • If using cloud.gov, obtain through the CDN broker.
  • If using Federalist, they are set up automatically.
  • If using AWS, there are a few options:
    1. Let’s Encrypt
    2. GSA IT
      • Service Desk > Service Catalog > New Account or Access Requests > Internal Certificate Request
      • Unclear if they can also create certificates for public web. Please update this page if you find out!
    3. SSLMate through #acquisition, via an approved purchase request
    4. If in OPP, get a GoDaddy certificate through #opp-infra
  • If using another agency’s infrastructure, consult their IT department.