Chat with us, powered by LiveChat

This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

Learn How To Install Magento SSL Certificate

August 27, 2019

5 Min Read
Magento SSL
Reading Time: 5 minutes

All online ecommerce stores are now required by the Payment Card Industry (PCI) to process transactions on a securely encrypted channel. At your Magento store, Magento SSL certificate verifies that all transactions occur over the secure layer of Secure Socket Layer (SSL) Protocol.

What is an SSL Certificate?

SSL Certificates are small data files that connect your Magento store’s details to a security key. When installed on a web server, it activates the padlock and the HTTPS protocol, thereby allowing a secure connection from the webserver to the user browser. SSL enabled connections ensure that sensitive information (such as credit card numbers, social security numbers, and login credentials) is transmitted securely.

In contrast, when SSL certificate is not enabled, the data between browser and web server is exchanged in plain text which anyone who intercepts the traffic. Attackers can easily intercept unprotect data packets and can use unencrypted information for their benefits.

SSL certificates are issued by a Certificate Authority (CA) to an organization and its domain verifies that a trusted third-party has authenticated its identity. Since the browser trusts the CA, it would trust the identity too. The browser lets the user know that the Magento store is secure, and the user can browse it with full confidence and enter sensitive information without the fear of data compromise.

Keep Your Store Secure with Dedicated Firewalls

Get platform-level firewalls and regular firmware upgrades

How Magento SSL Certificate Secures Your Store?

When a browser attempts to access a Magento store that is secured by SSL, the browser and the webserver create an SSL connection through the process known as an SSL Handshake. It then connects to a web server (website) secured with SSL (HTTPS).

The server identifies the browser request and checks the root of the certificate against a list of trusted Certified Authorities and verifies that the certificate is NOT expired or revoked, and its common name is valid for the specific Magento store. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.

Magento stores have always faced security threats because of the very valuable data in the database and other areas of the store. Installing SSL certificates has now become an essential requirement of doing business in the face of rapidly evolving security challenges. The next-generation Cloudways Platform has simplifies the process of installing a free Magento SSL certificate (powered by Let’s Encrypt). On the Cloudways platform, installing an SSL certificate is a matter of a few clicks.

However, before you start configuring Magento SSL, make sure you’ve signed up for a full Cloudways account, and your domain is pointed to the target Magento application. If this sounds confusing, read this article on launching Magento on Cloudways managed server.

Note:  Let’s Encrypt is a nonprofit Certificate Authority that issues FREE SSL certificates to all Cloudways customers. Note that Let’s Encrypt SSL certificates cannot be installed on Cloudways staging URLs. To use these certificates, you need to point your domain first to avoid any issues.

Install Let’s Encrypt SSL Certificates on Your Magento App

Login to your Cloudways account, and go to your Magento application.

Magento 2.3.1 application

Under the Application Management, click SSL Certificate.

click Magento SSL Certificate

Under SSL Certificate, you have two options, Let’s Encrypt SSL Certificate and Custom Certificate (discussed below).

Under Magento SSL Certificate

In the Let’s Encrypt tab, enter your Email Address and Domain name (that you have already pointed), and click the Install Certificate button.

The SSL certificate installation process might take some time to finish. Once done, you will see the following screen:

Magento SSL certificate installation process

Install Custom SSL Certificate on Your Magento App

In case you don’t want to use the Let’s Encrypt certificate, Cloudways provides an easy way to install a Custom SSL certificate that you have bought from a trusted Certificate Authority.

For this, you need to create a CSR (Certificate Signing Request) from the Cloudways platform.

Select your Application, and under the Application Management section, click SSL Certificate. Select the Custom Certificate slider option and tap the CREATE CSR button.

Magento CREATE CSR

The following form will collect information about your Magento application.

Magento SSL collect information

After successfully submitting the relevant information, a CSR will be generated. Click the DOWNLOAD CSR button and submit it to the SSL Certificate Authority to generate an SSL certificate customized for your Magento store.

Magento DOWNLOAD CSR

The SSL Certificate Authority will provide two files: yourdomain.crt (Certificate Code) and yourdomain.ca (Chain File). Press INSTALL CERTIFICATE, and you will see a popup asking for Certificate Code and CA Chain.

Press INSTALL CERTIFICATE Magento

Next, click SUBMIT to finalize the process. Once done, the SSL certificate is installed and should work as intended on your Magento store.

Enable SSL Certificate On Magento Store

Once the Magento SSL Certificate has been installed, the next step involves enabling the SSL certificate for Magento 1.x and Magento 2.x stores.

Magento SSL Configuration

Log in to your Magento 1 backend and navigate to System > Configuration.

System-Configuration Magento SSL

In the left panel, under the General section, tap Web.

General-Web Magento SSL

In the right-side panel, expand the Secure section. Change HTTP to HTTPS in the Base URL and select Yes for both Use Secure URLs in Frontend and Use Secure URLs in Admin in the drop-down menu.

Secure Section Magento SSL

Now tap the Save Config button, clear your Magento 1 cache, and you are good to go!

Magento 2 SSL Configuration

The process for enabling SSL in Magento 2 is similar to that of Magento 1 stores.

Login to your admin panel and navigate to STORES > Configuration.

STORES-Configuration Magento SSL

Under General, click Web.

General-web magento 2 ssl

Expand the Base URLs (Secure) section in the right panel. Update the Secure Base URL to HTTPS and select Yes using the drop-down for both Use Secure URLs on Storefront and Use Secure URLs in Admin.

Base URLs secure section magento 2 ssl

 

Once done, tap Save Config and clear the Magento 2 cache using CLI or admin panel.

One SSL Magento Store On A Single Server?

Many Magento hosting providers only allow one SSL protected website on a server. This means if you want to host a second SSL Magento website, you are out of luck. You need to launch a second server (or worse yet, get a second account). SInce Cloudways is all about giving freedom and choice to our users, we allow store owners to install as many SSL-protected ecommerce websites as you like.

 

Share your opinion in the comment section. COMMENT NOW

Share This Article

Boost Your Magento Store Performance by 5x Times & Maximize Your Sales

Our fastest Magento hosting can help you in growing your business revenue by 500%

Fayyaz Khattak

Fayyaz is a Magento Community Manager at Cloudways - A Managed Magento Hosting Platform. His objective is to learn & share about PHP & Magento Development in Community. Fayyaz is a food lover and enjoys driving. You can email him at m.fayyaz@cloudways.com

Get Our Newsletter
Be the first to get the latest updates and tutorials.

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!