Information for people considering enabling HTTPS on your Talis Aspire Reading Lists (TARL) tenancy.
Introduction
This article is aimed at both technical and non-technical staff who need to know about enabling HTTPS on their tenancy.
HTTPS connections to servers allow all messages and traffic sent to that server to be encrypted to guard against malicious eavesdropping of data sent over the network.
Your organisation is not required to provide an HTTPS certificate. Talis will manage the certificates required to setup and run an HTTPS connection. We have taken this decision to mitigate the risk that certificates provided by many different organisations might expire unnoticed and cause loss of access or degradation in service for your users.
Talis have procedures in place to ensure that our certificate is updated regularly and before any expiry occurs.
In order to enable HTTPS for your reading lists, we will need to enable HTTPS for all traffic that goes to your tenancy.
Why would you choose to enable HTTPS?
- Using HTTPS means that your tenancy will no longer cause browsers to give insecure content warnings when viewing content embedded in your virtual learning environment. Some browsers silently block insecure content without any obvious warning.
- You will be able to bookmark from HTTPS enabled third party sites.
- If you are planning to use the Learning Tools Interoperability (LTI) Integration then you must be using HTTPS to avoid your browsers silently ignoring requests to the LTI Tool.
What happens once you have enabled HTTPS for your tenancy?
-
All HTTP requests for your tenancy will be redirected to a new domain which has HTTPS enabled. The browser location bar will show
https://<tenantcode>.rl.talis.com/...
. - All traffic to your original HTTP tenancy URL will be redirected to your new HTTPS URL*.
- All existing bookmarks that students and staff may have saved will continue to work. They will automatically be redirected to the intended page and served over HTTPS.
* NOTE: Your HTTPS URL will not be your original URL updated to https.
What are the risks?
You may have existing integrations in systems like learning environments and library catalogues which call Talis Aspire Reading List APIs. These APIs do work over HTTPS, but your integration will need to handle the redirection from HTTP to HTTPS.
It is important to note that switching to HTTPS could break your existing integrations. You are required to confirm with Talis that you have checked all your existing integrations and made sure that they will work with HTTPS. Talis can tell you which Talis integrations are safe to use with HTTPS, but you may have other integrations provided by others which will need checking.
How do you get this enabled for your tenancy?
To enable HTTPS please raise a support ticket. We will then set the wheels in motion to make this change to your tenancy configuration.
Technical Information
Connections to Talis Aspire Reading Lists normally go to an HTTP endpoint which your organisation will have mapped in your DNS settings to be a CNAME to list-app.talis.com
. This is still required.
You do not need to provide a certificate. Talis will manage this on behalf of all our customers.
No other technical changes are required.
FAQ's
Q. Why is my https url different to my original tenancy url?
A. This article explains the difference.
Q. Why do the APIs return different URLs when HTTPS is enabled?
A. This article explains what's happening in this scenario.