You've probably noticed the little padlock icon in your web browser window, next to the address of the site you're visiting. That padlock means that your connection between your browser and the server is being encrypted, so a person with malicious intent, intercepting the connection, would not be able to see the data in transit.

All Novi sites are secured this way by default. During your onboarding process, we provision what's known as an SSL certificate, which in simple terms is just a block of text used by an algorithm to encrypt traffic before it crosses the wire between you and our system. The third party that issues the certificate, known as a certificate authority, does so by verifying that the certificate matches the domain name you use. (This process uses DNS, which we talk about in a separate article here: DNS and your domain name.)

A basic certificate covers your root domain name, like "," as well as "," including the "www" subdomain on the front. These certificates are usually good for two years before they expire, and we provision a new one.  Basic SSL certificates are included at no extra charge with Novi AMS subscriptions.

Wildcard SSL

You might use services that require other subdomains, like "" Your association may have a career centers, an outsourced vendor guides, or perhaps a trade show app that you may wish to add to a subdomain of your website. In those cases, for additional cost, we can provision a wildcard SSL certificate for you. You'll often see them expressed as "*," with the asterisk indicating the wildcard. That means the certificate will also work with any number of subdomains on other services. If this is a requirement, let your sales or onboarding team members know.

Setting Up a Wildcard SSL with a 3rd Party

What should you expect for a wildcard certificate? Once provisioned, we'll give you a file containing the issued certificate. From there, you will have to forward it to the other service that you're using, so they can install it on their servers. You or someone managing your domain name will also need to add a DNS record to point to the other service (see link above).

Did this answer your question?