What is an SSL Certificate?
An SSL Certificate is used to establish a secure, encrypted connection between a web browser and a server. The Certificate is installed on one or more servers and enables the web browser to encrypt communications sent to that server. They are used for all secure, HTTPS communications between the browser and the origin server.
What SSL support is included with Magento Commerce Cloud?
All Magento Commerce Cloud customers can use the shared-SSL certificate included in the Cloud plan subscription. We provide a Domain-Validated SSL certificate that is issued by GlobalSign. The certificate is shared with other Magento Commerce Cloud merchants. This certificate does not incur additional fees.
You can provide your own SSL certificate. Be advised, there is an additional fee to deploy the SSL Certificate to all of the servers in the Content Delivery Network (CDN) as described below.
Why would you want to provide a dedicated SSL Certificate?
The primary reason to provide your own SSL Certificate is to use an Extended Validation SSL Certificate. Extended Validation certificates are tied to the legal entity of the organization rather than simply the domain. These certificates provide a higher level of assurance for consumers.
Why is there a fee for using the customers own SSL Certificate?
Magento Commerce Cloud uses the Content Delivery Network (CDN) to deliver complete web pages to consumers. It holds the Magento full-page cache. This means that all cacheable pages are served directly from the CDN rather than having to be served from the origin server. We use the service provider Fastly.
With Magento Commerce Cloud, the pages served to your customers are cached on the CDN. This enables the pages to be served faster from the distributed locations of the CDN servers that are closer to the consumer. This approach accelerates how quickly web site pages are loaded and reduces the load on the eCommerce servers so they can process more orders. Information specific to your customer’s session like cart content is returned asynchronously from the origin server - that is, it does not affect the page load time and it is inserted in the page when available.
This approach covers both secure and non-secure pages. It is increasingly recommended to serve all pages securely for privacy, security, and SEO considerations. This approach means that for the CDN to be effective, the SSL certificate must be deployed on the CDN so the CDN can return the full pages as quickly as possible.
What is the additional cost for providing an SSL?
The additional cost for providing an SSL can be high. Deploying the custom SSL certificates involves touching every server in the CDN network. The SSL certificate must be installed on every point of presence (POP). This involves considerable effort for the CDN provider. CDN’s that support this capability have similar charges. For example, AWS’s CloudFront has the same fees as Magento Commerce Cloud for deploying an SSL certificate on the CDN. Magento is passing through the fees associated with service without markup.
Add links to more info: