Authenticate and secure your new government website

Like most government websites, Mass.gov uses "Https" encryption to protect to protect the privacy and integrity of our content and users. This encryption ensures that all Mass.gov domains and subdomains are authenticated in order to prevent against certain types of cyber attacks. To enable this encryption for your new government website on mass.gov, you'll need an SSL certificate.

The Executive Office of Technology Services and Security manages and approves these SSL certificates. You can request on through ServiceNow

Note: When you request an SSL certificate, you should have already secured your new mass.gov domain. Learn about how to do that here.

How to request an SSL Certificate

There are 2 fields to fill out in ServiceNow when requesting an SSL certificate:

• Name of Server: Ask whoever you are working with on hosting your new website for the name of the server where the site is being hosted.
• Type of SSL Certificate: There are 2 types of SSL certificates you can request: Standard and Premium.
  • Premium SSL certificates are specifically designed for e-commerce websites. If your new website has any sort of transaction or collects user data in any way, you need a Premium SSL certificate.
  • Standard SSL certificates are for all other websites. If your new website does not have any sort of transaction and does not collect user data, you need a Standard SSL certificate.