Add FREE SSL Certificate to WordPress Websites

by Mustaasam Saleem  March 1, 2017

Secure Socket Layer (SSL) is the standard for encrypted communication between web servers and web browsers. It makes sure that the communication between the server and the browser is encrypted and private. When compiling SERP, Google prefers SSL certified websites. When you secure a site via SSL, a padlock icon is visible in the address bar, and the URL prefix changes from http:// to https://.

Add Free SSL Certificate to WordPress

What is Let’s Encrypt?

Let’s Encrypt is a free, automated, and open certificate authority (CA). It is a service provided by the Internet Security Research Group (ISRG). By using Let’s Encrypt, anyone who owns a domain can add a Secure Socket Layer (SSL) certificate without any cost.

SSL Boost SEO Ranking

Google is trying to make the internet more secure by offering SSL certified websites an edge in SERP listings. The search engine apparently prefers SSL certified sites over non-SSL certified. SSL certificates are an important factor in the over SERP positioning strategy. You could read about the relation in-depth here.

Create Server to Deploy WordPress Application

For the purpose of this blog, I assume that you have already Signed up, created a server with WordPress installed and pointed your domain. If not, here is how you can create the server and install WordPress on it.

Open Application to Add SSL

If you have successfully launched a server and application at Cloudways, go to the Applications tab available on the top left of the screen. All applications installed on a server will be listed here. Open the application to which you want to add the SSL certificate.

applications

Adding SSL to WordPress Application

Again from the left pane, go to SSL Certificate tab and fill in your details. Click on Install Certificate.

P.S: Domain name should be your website domain that you’ve already done in Domain Management tab.

Install SSL on WordPress

Important: Please make sure that your domain is live with complete DNS propagation. Otherwise, you won’t be able to install the SSL certificate.

Auto Renewal of SSL Certificate

The process will take a few moments to complete. Once completed, your website will start serving on HTTPS too. Certificates issued by Let’s Encrypt need to be renewed every 90 days. Cloudways will handle the renewal process automatically if you set the Auto Renewal option to Yes.

Renewal of SSL

Change All Internal URLs to HTTPS

After successful installation of the certificate, go to the WordPress Admin Panel. From the left pane, navigate to Settings -> General. Before WordPress Address and Site Address input https instead of http and click on Save Changes at the bottom of the page. This will change all internal URLs to https.

Wordpress Address

Mix Content Warning:

Now, visit your website and verify that all internal links are moved to https. If you can still see an info icon ⓘ on few of your web pages, then it indicates that one or more of the URLs are serving via http on a relevant page. We need to identify that URL/s.

There is an excellent online tool to check Non-SSL content by JitBit. It will crawl and check for non-ssl links on complete site. I have scanned my testing site, and you can see the result that some URLs are having insecure content serving via http.

To fix them, there is an awesome plugin Velvet Blues Update URLs that will check all URLs and update them.

Install the plugin, and navigate to Tools -> Update URLs and configure the plugin as below.

Redirect WordPress Site to HTTPS

Although, all internal links have been moved to HTTPS, but if someone visits the site with http, it will not be forced to serve via https.

P.S: WordPress .htaccess file is the control room of the website. Even a single misspelled dot (.) could damage WordPress site. Before making any changes, backup your .htaccess file to an offsite location.

Redirection of WordPress websites to HTTPS can easily be fixed by adding a few lines to the “.htaccess” file. Login to your hosting account, navigate to your WordPress root directory and open .htaccess file with any editor. At the beginning of the file, paste the following lines just below “RewriteEngine On”.

The .htaccess file should look something like:

Configure HTTPS in Google Search Console

To track https links in Google Search Console, go to the Google Analytics Dashboard and then get into the Admin area. Choose your required property and click on Property Settings.

From the right-hand side, change the Default URL to https://

Go one step back and get into the View tab.

And change Website’s URL to https.

And you are done with Let’s Encrypt integration on a WordPress site. Don’t forget to change all dependent URLs to https. Like on the Facebook page, Twitter account, etc. As they will be tracked in Google Analytics.

Having trouble in integrating FREE SSL certificate on WordPress website? Feel free to ask questions in the comment section below.

Make Your WordPress Website 100% Faster.

Host it now on Cloudways WordPress Hosting Platform.

About Mustaasam Saleem

Mustaasam is the WordPress Community Manager at Cloudways - A Managed WordPress Hosting Platform, where he actively works and loves sharing his knowledge with the WordPress Community. When he is not working, you can find him playing squash with his friends, or defending in Football, and listening to music. You can email him at mustaasam.saleem@cloudways.com

Stay Connected:

You Might Also Like...