Chat with us, powered by LiveChat

This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

How to Setup HTTPS SSL Certificates on Laravel 5

September 13, 2018

9 Min Read
laravel https
Reading Time: 9 minutes

SSL Certificate is known as the backbone of secured internet connection and is regarded highly for establishing protective layer of security for websites over the internet. It protects the sensitive information of your website from getting breached, as it travels across different computer networks of the world.

In this article, I will demonstrate how to setup SSL Certificate in Laravel 5.5 business application. Basically SSL Certificate gives effective standard of security to the websites which exchanges chunks of sensitive information over the internet. When implemented on a web server, it actuates the padlock and the Laravel Https protocol and permits secure connection from web server to program. Commonly, SSL is utilized to secure websites having  Visa/MasterCard exchanges, information exchange and user logins. In fact many other web apps are also now opting the standard to secure their confidential data including web-based social networking sites and business applications.

Install SSL Certificate On Laravel
1. How Can We Implement SSL on Our Cloudways Hosting?
2. Why Do I Need An SSL Certificate in Business apps?
3. Why HTTPS Redirect Is Essential For Your Application
4. Conclusion
5. Faq’s

An organization needs to introduce SSL Certificate into its web application to start a protected session with programs. Because there is nothing protected in the modern web world, and to make sure that your informational data always remains safe while coordinating with associated programs, you need some protocol to secure it from the outside malfunctioning attacks. So once a safe connection is set up with Laravel SSL redirect, all the web movement between the web server and the web program becomes secure.

Prevent Your Laravel Applications From Being Hacked

Deploy Your Laravel Apps With Us & Experience The Solidified Security Features

How Can We Implement SSL Certificate?

Well, SSL security comes at a cost. Which means you have to pay for a SSL certificate. For this tutorial we will fetch trial certifiate that is valid for 30 days.


For the purpose of this article, I assume that you have a Laravel application installed on a web server. My setup is:

  • Laravel 5.5
  • PHP 7.1.
  • SFTP access to your Cloudways Application

I have installed my Laravel application on the managed Laravel server of Cloudways, which holds reputed name in the market of managed cloud hosting providers and has an optimized dev stack of Laravel on their platform. So if you don’t have an account on Cloudways as of yet, simply sign-up there for free.

Setup Cloudways SSL On Laravel app

Cloudways provides Free SSL Certificate, just add your domain and email id to configure it on your web application.

Set up Custom SSL On Laravel app

Firstly, navigate to the application tab and then click SSL Certificate as shown in the below screenshot.

Obtaining CSR

After clicking on SSL Certificate, a new tab opens of Certificate Signing Request (CSR) where you are asked to create CSR first by filling the respective fields given in the form.

After filling the whole CSR form and submitting it, a download button will appear which upon clicking will download the respective CSR instantly.

Installing Certificate

Cloudways provides free SSL Certificate, just enter your email and domain name to configure it instantly. While Cloudways also provides custom certificate as well. To demonstrate this, i have taken an example of custom Certificate for 1 month trial version. So to configure it, open your SSH terminal and type the below following


[master_edsusnfzbk]:public_html$ openssl genrsa 4096 > account.key
Generating RSA private key, 4096 bit long modulus
[master_edsusnfzbk]:public_html$ openssl rsa -in account.key -pubout

Authenticating Domain

  • SSH Into your account
  • Obtain Public Key
    $openssl genrsa 4096 > account.key
    $openssl rsa -in account.key -pubout
  • Paste your public key just below your email id
  • Click on Validate your account

 Submitting CSR

  • Scroll Down below and paste the CSR key that you downloaded in Step-1
  • Click on Validate CSR
  • Once Validated New Options will be available


Sign API Requests

Run the Signature Commands provided  in your Terminal and Paste the Hex Output just below each command.



For Example:

$PRIV_KEY=./account.key; echo -n "eyJub25jZSI6Ii0MSnBkZiJ9" | openssl dgst -sha256 -hex -sign $PRIV_KEY


(stdin)= 9c3b3d75c404d25100f8f86374a32662a14a2bc178e61fa844b6a3aa88eb1990d0a6888fba9667e

After pasting three Hex Codes in their specific fields, click Validate Signatures

laravel banner cta

Verifying Ownership I

  • Copy the key provided and run it in terminal .
  • Paste the output something like (stdin)=asdasdaw123123
  • Click on Option 2 file based
  • Copy The URL and Content and Save this in Separate File.


Verifying Ownership II

SSH into your server

		$ssh <username>@yourhostip

Get into your Application Directory

		$ cd applcations/<app_name>/public_html/

Edit Route.php

		$vim app/Http/routes.php
  • Make another Route

Here you have to add up two things carefully:

1. The URL you received in the previous step. Something like /.wellknown/acme-challenge should be pasted like I did below.

2. In return braces, paste the content you are asked to return, that you saved in previous step.

    Route::get('/.well-known/acme-challenge/asdasdwjldhohrutheuh65iu6y5uih', function () {
    return ('asdasdwjldhohrutheuh65iu6y5uih.eJytf8fORCtLmDh4s2oqU_sdRG8');
    Route::get('URL YOU FOUND', function () {
    return ('CONTEN YOU RECIEVED');
  • Now Save and Exit Vim, Press Esc and :wq this will save and exit Vim.
  • Check the URL if your app is returning the content. If yes, click on I AM SERVING BUTTON
  • It will output reply, Domain Verified

Read More About: Make Your Website Secure With Laravel CSRF

Installing Certificate

  • Copy the Signed Certificate Key into Certificate Signature Field in your Cloudways Install Certificate Tab as shown below
  • Copy the Intermediate Certificate: Key into CA Chain Field in your Cloudways Install Certificate Tab as shown below


Now come back to the website and Click TEST MY INSTALL


Why Do I Need An SSL Certificate in Business apps?

SSL is key for any site that offers products or administrations, as it comprehensively ensures that all data transmitted over the web stays private and secure. Because maintaining effective security levels is the need of many commercial web applications. That is why deploying security protocol of SSL certificate is been highly regarded for all those commercial and business web apps who wants to protect their web activity with extensive security measures.

Read More About: Effective Security Tips for PHP Based Apps

It makes a protected association between a client’s web program and the server of the organization they’re connected with, and makes a very secured route for both of these to transmit their data over it. Because it is a known fact that customers largely see website’s encryption measures first before any other thing, that whether the site is using secured https protocol instead of the old conventional http protocol. It builds a sense of reliability in the customers about the website’s security measures and hence builds trusts in them about websites informational structure.

While according to one latest statistics, by not having SSL certificate installed on your web application, gives negative impact to your business and clients. Because customers do like to see protection of the website first with the standard features, and not having effective security features will just make them less concerned about the offerings and services of the website.

As indicated by Gartner, 70 percent of customers shopping on the web has wiped out a request since they didn’t put stock in the site because it seemed less protective and looked without any security protocol feature. However, 64 percent of those customers guaranteed that they would have completed the buy if the site had SSL verification set up. So in this way, the idea rightly gets elaborated that customers do look for security protocols in the website, specially on those which are shopping-oriented and are ecommerce stores.

70 percent of customers shopping on the web has wiped out a request since they didn’t put stock in the site because it seemed less protective and looked without any security protocol feature. Source: Gartner

So, let’s look down below on some of the main focal points or advantages of SSL and why Laravel forces https for your business applications.

  • Encrypts data
  • Business Future Proofing
  • Provides Authentication
  • Fundamental component of payment processing
  • Guards Against Phishing
  • Improves Customer Trust
  • Offers Added Brand Power

The main reason why SSL holds a trusted name in the web world is that it provides a secure and protected way of transmitting the information over the internet, and sends the data in the encrypted form to the desired recipients so that they can receive it safely without any interruption. So web developers are generally responsible for this, as they should always provide their clients web applications protected with the SSL certificates. Because Web developers know more about these security norms and knows how to configure SSL certificates on web applications which a normal client doesn’t knows how to setup.

So developing a perfect secured application for them is one of the major responsibilities of a Web developer, so that the respective clients can freely transmit their data trusting the security measures of the website. While it also becomes very important because the data you send over the internet is passed from computer to computer, hence making it secured by implementing specific protocols becomes essential to get it delivered safely to the desired server.

Why HTTPS Redirect Is Essential For Your Application

If you are hosting your website using the HTTP protocol, then it is likely that your sensitive information and data over it are unsafe. Because your website travels from different networks all over the world, and HTTP protocol doesn’t guarantees to secure its transmission through those networks. As any malicious attack to your website could comprise your data easily and detrimental alterations could be performed in your website.

Hence to make that connection secure, always use the Laravel https redirect in your web application, so that it could easily be routed to a much secure protocol of HTTPS from HTTP. HTTPS helps protecting your website from the malicious outside attacks and enhances the integrity of your data by providing secured transmission protocol.


So concluding this article, we have come to the fact that SSL Certificates have become essential for modern web applications to secure their data and confidential information over the internet. And I hope that this article would have helped you a lot in getting the complete idea how to setup and configure SSL certificate in your Laravel 5 web application.

Still if you got any questions and queries regarding setting up SSL Certificate and its configuration, then you can just leave a comment below and I will answer to that accordingly.


Laravel https route not working?

In order to resolve Laravel https route not working problem, Set AllowOverride to All. Because sometimes it is by default set to None, and hence Apache will ignore every .htaccess file that it finds. Set it to All and your rewrite rules should now work as expected.

<Directory /var/www/gloops/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted

Laravel how to use https?

You can set ‘url’ => ‘’ in config/app.php or You can make it work with a Middleware class. Let me give you an idea.

namespace MyApp\Http\Middleware;

use Closure;

class HttpsProtocol {

public function handle($request, Closure $next)
if (!$request->secure() && env('APP_ENV') === 'prod') {
return redirect()->secure($request->getRequestUri());

return $next($request); 
Then, apply this middleware to every request adding, setting the rule at Kernel.php file, like so:

protected $middleware = [

// appending custom middleware 


Laravel SSL connection error?

In Laravel, SSL connection error happens when you are attempting to interface with a SSL-empowered site and your program (customer) can’t make a protected association with the site’s server. Contingent upon the reason for the association blunder, web programs will for the most part show a notice messages, for example, “This Connection is Untrusted”, “The webpage’s security authentication isn’t trusted” or “Your Connection isn’t private”.

Laravel SSL operation failed with code?

This is because of user don’t add following code in laravel app. So You should add below code in /config/mail.php ( tested and worked on laravel 5.1, 5.2, 5.4 )

'stream' => [
'ssl' => [
'allow_self_signed' => true,
'verify_peer' => false,
'verify_peer_name' => false,
Share your opinion in the comment section. COMMENT NOW

Share This Article

Launch Laravel apps with 1-Click Install. Painless Server Management

Deploy your apps on optimized Laravel hosting servers.

Noor Ali

Noor Ali is an Associate Software Engineer at Cloudways. He loves to solve technical problems through programming and mathematics.

Get Our Newsletter
Be the first to get the latest updates and tutorials.

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!