Using a TLS certificate (using https) for your May First hosted when using the Deflect caching service

We recommend enabling Lets Encrypt certificates for your site on both the May First hosting (origin) server and for the Deflect caching (edge) servers.

You can do this easily by following the 3 steps below. If you are not yet using the Deflect service, jump to step 2 to enable a certificate for your site from the May First control panel before enabling the Deflect service for you site.

If you have already set up the Deflect service for your site then start from Step 1 and continue.

Step 1

• Access the Deflect control panel for your site
• Navigate to the "HTTPS / TLS" tab
• Under the "HTTPS / TLS configuration" header enable the option:
  • I want to encrypt connections to my website
• Under the "Public TLS Certificates" header enable the option:
  • Use a free Let's Encrypt certificate
• Use the Save TLS configuration button to save your changes
• In the "HTTPS options" section enable the option:
  • Both HTTP and HTTPS This step is only temporary, we will change this again after making changes in the May First control panel.
• Use the Save button to save your changes.

Step 2

• Access the ​May First control panel for your site's hosting order
• Navigate to the "web configuration" tab
• Edit your web configuration and set the port to auto to enable a Lets Encrypt certificate for you site.

See the following instructions for more details:

​https://support.mayfirst.org/wiki/faq/security/setup-certificate

Step 3

• Access the Deflect control panel for your site
• Navigate to the "HTTPS / TLS" tab
• In the "HTTPS options" section enable the option:
  • Redirect all HTTP traffic to HTTPS
• Use the Save button to save your changes.