If you want to protect the data transferred between you and D9T READY then you will need a SSL certificate. This guide will assist you to get a free SSL certificate for your free D9T READY subdomain.
1. Create an E-Mail Address
First of all create a mail forwarding for webmaster@yourdomain to your private email address.
2. Create a private key
Then create a private key. Click on SSL/TLS on the top of the navigation on D9T READY.
Select Create New Private Key and give it a relatable name.
After successfull creation of the private key you can click on Manage Certificates.
3. Create a certificate
Since there are no certificates yet you will need to create a new one with Create New Certificate.
Fill all the form fields with proper content. Important: The Common Name (CN) has to match your domain (in this case a free subdomain).
4. Verify your domain with WoSign
Now go to https://buy.wosign.com/free/ and enter the details into the form:
In the next step you will need to verify you domain. So click on Domain Control verification to start.
Important: Select Sub domain name verification. Otherwise you won’t be able to receive the emails. Request the verification email and enter the details in the form again.
5. Export your Certificate Sign Request (CSR)
Go to SSL/TLS in the D9T READY interface again, click on Manage Certificates and then on CSR to view the Certificate Sign Request.
You need to copy all the text from the grey box.
6. Let WoSign sign your CSR
Paste, check and submit your own generated CSR to the WoSign system.
7. Update the Certificate with the signed one
You can now download the finished SSL certificate (including intermedite and root certificate) as a ZIP file. Extract it and open the .CRT file from the for Nginx archive with a notepad/text editor. Copy all the text from the file and go back to the D9T READY interface.
Click on Update and paste the contents of the .CSR file that you have just downloaded in the step before.
Now you can re-configure your domain with the certificate you just imported. You may now even force SSL/TLS so that if you access your web application you will see something like this: