HTTPS should be enforced on every public endpoint (here’s why). There are a number of ways to get certificates for systems at TTS, depending on what infrastructure you’re using:
- If using cloud.gov, obtain through the CDN broker.
- If using Federalist, they are set up automatically.
- If using AWS, there are a few options:
- Let’s Encrypt
- GSA IT
- Service Desk > Service Catalog > New Account or Access Requests > Internal Certificate Request
- Unclear if they can also create certificates for public web. Please update this page if you find out!
- SSLMate through #acquisition, via an approved purchase request
- If in OPP, get a GoDaddy certificate through #opp-infra
- If using another agency’s infrastructure, consult their IT department.