SSL (Secure Form) capability with CNAME domains

  • bto09
    Asked on August 31, 2015 at 12:20 AM

    Please - this would be so valuable especially for those of us who use Jotform's CNAME capability to run payment-integrated forms. Customers expect all payment forms to be SSL and it's currently not possible with CNAME forms. Please consider this with the dev team. This would be immensely valuable and would reaffirm JF's commitment to innovation and customer requests :).

  • bto09
    Replied on September 14, 2015 at 1:34 PM

    Hi, are there any updates here?

    This is really important for my customers as they don't feel comfortable submitting credit card info in an unsecured environment...please help. 

     

  • bto09
    Replied on September 24, 2015 at 8:16 AM

    Thanks for your suggestion. My website client does not support HTML on a mobile browser hence I am using the CNAME method. Please please please add this feature!!!

  • Charlie
    Replied on September 24, 2015 at 12:01 PM

    If I may also suggest, would it be possible to use domain forwarding or masking in your hosting provider? I believe that should allow SSL protocol, here's a guide of it but only in GoDaddy: https://www.godaddy.com/help/manually-forwarding-or-masking-your-domain-name-422 

  • bto09
    Replied on October 1, 2015 at 7:20 PM

    I am using Wix and I don't believe it is possible. 

    Is it very difficult for you guys to secure CNAME domains? Perhaps I have been reading the wrong articles but from what I understand all that's needed is for you to install certifications and secure the server I was looking in the history and this was brought up years ago and knowing your ambition and skill, I'm surprised that it has yet to be implemented.

     

    Is there something else I can do to help make this feature possible?

  • Charlie
    Replied on October 2, 2015 at 3:17 AM

    Hi,

    I'm checking the status of the feature request, unfortunately, it seems like it won't be implemented anytime soon. This will be depending on the current workload of our developers and if they see it fit for the system.

    I'm not quite familiar on how your Wix site is setup, but upon checking Wix, I see that it seems like HTTPS is not quite possible in their side also? Here's a guide link: https://www.wix.com/support/html5/domains/wix-domains/kb/request-using-https-for-a-wix-site

    For the meantime, it is not quite possible to make CNAME domain SSL enabled in our side. But, should there be any update from our developers we will surely update you on this thread.

    Thank you for understanding.

  • bto09
    Replied on October 13, 2015 at 4:22 PM

    Saw the latest announcement regarding the SSL forms. Does this help with securing the CNAME domains as well since all forms are now SSL?

  • jonathan
    Replied on October 13, 2015 at 7:11 PM

    From what I understand, it still is not possible at this time. The latest update on the SSL forms does not affect the CNAME domains feature.

    We had already submitted a feature request ticket.

    Unfortunately, we do not have an ETA when this will be implemented. Our developer assigned on the ticket will provide response here when news/update on the status is available.

    Thank you for your patience and understanding.

     

  • bto09
    Replied on January 28, 2016 at 11:48 PM

    Hello team, 

     

    Happy new year. Would you have an update on this feature request? 

     

    thanks

  • bto09
    Replied on January 31, 2016 at 11:53 AM

    Just a gentle bump :).

  • jonathan
    Replied on January 31, 2016 at 1:50 PM

    I will do a follow up on this as well. Thank you.

  • bto09
    Replied on February 26, 2016 at 1:00 PM

    Hi, was there any update or follow up?

  • jonathan
    Replied on February 26, 2016 at 1:49 PM

    I am sorry but there is no news or updates on the progress at this time.

    I would like to inform you also at this time that this requested feature was not in the high priority list.

    This was the reason it is not getting to much attention from our developers.

    Since there were far more high prioritized features and tickets, it may take a while before the dev team can attend to this ticket request.

    Thank you for your patience and understanding.

  • bto09
    Replied on February 26, 2016 at 2:08 PM

    I understand. 

    Can you offer up some alternatives to me in terms of securing the form with SSL if JF is unable to do so? Are there any external services I can sign up for that can secure the form, etc.?

     

    Thanks

  • jonathan
    Replied on February 26, 2016 at 2:24 PM

    The Form URL were using SSL / secure (https) URL by default already.

    link: All-Forms-are-Now-Secure-by-Default-The-SSL-Limits-on-Free-Accounts-are-Lifted-

    The feature being requested on this ticket was about the inclusion of using https when using custom domain name of the form.

    user guide: How-to-use-Custom-Domains-with-Jotform

    As noted on the user guide (at the bottom), HTTPS is not support for custom domains.

    The main reason why lesser importance on this feature is that most of the time using custom domain name of the form with secure URL were being used by hackers, phishers and other users doing illegal activities. So we do not put emphasis on this.

    Form Encryption is the more extreme security if you want them applied on your for as well.

    Hope this help.

    Thanks.