How SSL and HTTPS work on MapleGather
This page explains why your MapleGather site address is secured with HTTPS automatically and what happens when the certificate renews.
The short version
Section titled “The short version”Every organization gets a system subdomain (for example, riverside.maplegather.org) that is secured with HTTPS from the moment it’s created — no setup, no purchases, nothing to configure. The security certificate renews itself automatically 30 days before it expires. You can see its status at any time on the Domains & SSL page.
How it works
Section titled “How it works”When your organization is created, MapleGather provisions a security certificate for your system subdomain through an automated system (backed by industry-standard certificate authorities and Cloudflare’s managed certificate service). This usually completes within 30 minutes of your organization being set up.
Once the certificate is active:
- HTTPS is always on. Anyone who visits your site address over plain HTTP is automatically redirected to HTTPS. There is no way to accidentally serve an insecure page on your system subdomain.
- The certificate auto-renews. 30 days before the certificate’s expiry date, MapleGather renews it automatically in the background. Your Domains & SSL page updates with the new “Last renewed” date when it’s done. You never need to renew manually.
- You’ll see the status on the Domains & SSL page. The green Secured · auto-renews badge, the Valid through date, and the Last renewed date are the trust signal you can share with your members or board — your site is secure.
The provisioning window
Section titled “The provisioning window”In the first 30 minutes after your organization is created, the certificate is being issued. During this window the Domains & SSL page shows a “Securing your site — usually within 30 minutes” notice instead of the green badge. This is expected — not an error. Once the certificate is ready, the green badge appears on its own.
If auto-renewal fails
Section titled “If auto-renewal fails”Auto-renewal failure is rare. When it does happen, MapleGather’s team is alerted automatically, and a notice is sent to your admin-notifications mailbox. The Domains & SSL page shows a candid error card explaining the situation. No admin action is needed — the team handles the fix and sends a follow-up notice when it’s resolved.
Why it works this way
Section titled “Why it works this way”Securing a website has traditionally required choosing a certificate provider, paying annual fees, and remembering to renew. MapleGather handles all of that automatically because security should not be a task on an admin’s to-do list — especially for volunteer-run organizations where “IT” might be one person juggling many roles. The design goal for feature 6.2 (SSL / HTTPS) is that every organization launches with a green padlock, with zero configuration required.
Edge cases & boundaries
Section titled “Edge cases & boundaries”- System subdomain only at M1. The automated SSL described here applies to your
{org-slug}.maplegather.orgaddress. Custom domains (for example,riversidegarden.org) will have their own SSL lifecycle when the website builder arrives — see the Custom domain row on the Domains & SSL page for when that’s available. - Certificate renewal does not interrupt access. The renewal window runs server-side; your site stays live with HTTPS throughout. The “Last renewed” date updates after the renewal is complete.
- No admin action is ever required for the system subdomain. If you see a message asking you to take action on SSL for your system subdomain, contact support — that would not be normal.