SilverStripe Platform is certifiable

At SilverStripe HQ, we’re continuously working to make SilverStripe Platform, our AWS cloud Platform-as-a-Service, even better.

But right now, we’re huddled together in barely stifled manic anticipation as we bring to you another SilverStripe Platform feature to “silence distractions”.

HTTPS support for all
In February, we were excited to release Stack Share for SilverStripe Platform. Stack Share is our cost-effective solution for digital agencies having some smaller clients with tight hosting budgets, lower traffic and less frequent updates to their sites.

At the time of release, Stack Share (along with our single AZ stack size, Solo) didn’t support HTTPS. However, just because a site is smaller, it doesn’t mean its security needs are reduced.

So we’re pleased to announce that HTTPS support is now available for all stack sizes, and for sites using Stack Share.

Additionally, up until now, you had to raise a support ticket to control your HTTPS certificates. As part of this release, we’ve introduced a self-service tool in the platform dashboard for you to manage your site’s HTTPS certificate.

We’ve tried to make this process as easy as possible. You’ll still need to request the actual certificate from a recognised certificate authority. However, our tool includes a wizard to step you through the process of downloading a certificate request to kick off the process, and then uploading the certificate once your certificate authority has provided it. It’s also got some safety checks built in to make sure the certificate is in the right format and for the appropriate site, etc.

There has been a lot of behind-the-scenes work to enable these changes, and we’ve kept security in mind throughout.

Both your certificate and the associated private key are stored in a new secure encrypted vault. This vault allows the platform dashboard to manage sensitive secrets and distributed them to the appropriate servers while keeping them safe from attackers. This vault has recently been open-sourced, and I’ll be writing a technical blog post next week covering exactly how it works.

These features are available now for all new and existing clients of SilverStripe Platform, and can be enabled by updating to 3.1.0.

Feature creatures
Of course, we aren’t comfortable resting on our many laurels (and not just because it turns out branches aren’t that comfortable). We’re already hard at work on even more ways we can make developers’ lives better.

Soon we’ll be letting you enable and control IP whitelisting of your environments through the dashboard. And now that we’ve got a secure vault, we can start allowing developers to store other sensitive data in it, like API credentials.

How freaking excited are you about SilverStripe Platform? What security-related features would you like to see next? Please leave your comments below.

Header image by Yuri Samoilov