function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Kranthi Tamada 1Kranthi Tamada 1 

CA-Signed Certificate

Hi All,

I have a query, breifly i am going to explain what i did till now. Hope this forum may help me. (we are trying to upload certificate for a subdomain).

Our customer is having issues with custom URLs that are built for their Customer Community. The custom URLs are marked as "unsecured sites" so many of their users are unable to log in because they don't have the SSL Certification required to make it a secure site. Recently our Certicate got expired so we have followed below steps to renew a CA-signed certificate,

1. Setup > Security > Certificate and Key Management
2. Click on the label name of your existing Certificate
3. Click "Download Certificate Signing Request"
4. Deliver this to your External Certificate Authority (CA) or to your IT Department to send it for you.
5. CA sends back a new valid cert with new dates
6. From the same page in Step 3, Click "Update Signed Certificate"
7. Upload your new .crt file and click Save.
8. Notice your new expiration date. (if there is a problem with the updated CRT, the upload will fail)

we have uploaded certification in SF under certificate management and Custome url's.

We have followed the same steps and our domain is Active, and i can see status of the certificate, Expiry date, and our custom URL.But still, we are getting 'Not Secure' message in browser.

Can anyone help regarding this?

Thanks in Advance.
ShirishaShirisha (Salesforce Developers) 
Hi Kranthi,


Can you please confirm,if you are using Https or Http on the community.If you set Http then I would request you to set to the https which will secure your sites.

Also,please check the below blog provided by Digicert team on the Not secure message for sites.

Kindly let me know if it helps you and close your query by marking it as best answer so that it can help others in the future.

Warm Regards,
Shirisha Pathuri
Kranthi Tamada 1Kranthi Tamada 1
Hi Shirisha,

we are using http instead of https. After enabling the respective perms we're able to avoid the "Not secure" pop-up on the address bar.  But problem is still existing, we just redirecting to another URL by updating https check but not our url..

Thanks in Advance.