We just got a security question from a customer about our “certificate on the app and the login”. I see through the browser that the web certificate is issued to kommune.flyyt.no, which I know is an Appfarm solution, but it looks quite weird here.
I am no expert on web certificates, so sorry if my questions are stupid:
- Is it possible for you to change the certificate owner to something that looks like appfarm (as flyyt is not on our list of sub-processors, it looks questionable that they show up here)
- If not, should we in theory add flyyt to our (and your) list of sub-processors?
- Is it possible to set up our own web certificate (or make it look like it is in our name)?
- Is the certificate any different when logging into .appfarm.app, compared to our custom domain? (I thought the certificate was linked to the domain, but apparently not?)
- Is the certificate different from the login page?
- For customers asking for our web certificate, is there any other info we probably should show them apart from what is seen in the browser?
- Any additional info we should know about this certificate?