Install an SSL certificate and enforce HTTPS on your domain
Definitions
SSL Certificate: An SSL certificate encrypts data between your website and website visitors to create a secure connection.
HTTPS enforcement: HTTPS enforcement makes all your website visitors use a secure, encrypted connection when visiting your website.
Before you start
✅ Your domain name must use our nameservers or point via your main A record to get SSL coverage through our network.
⚠️ Your domain name must be added to your hosting control panel to get SSL coverage activation.
🚨 If you registered your domain externally and just applied our nameservers to ours, wait 24 hours for DNS propagation.
❌ SSL certificates are not supported for sub-subdomains but are supported for subdomains. For proper SSL coverage in these cases, always use subdomains.
ℹ️ This guide covers each step in a general guidelines format. If you’ve previously completed a step or have a custom setup, go directly to the section that corresponds best to your requirements.
Step by step
Apply our nameservers (or DNS) to your domain
To activate SSL coverage through our network, your domain must use our nameservers or point to your hosting account via DNS.
- If you registered your domain name with us, your nameservers will be set to ours automatically.
- If you registered your domain name externally, apply our nameservers to your domain or point your main A record to your hosting account IP address. You only need to perform one of these actions.
🚨 Note: Once nameservers or DNS are updated, it can take anywhere from a few hours to 24 hours for the new settings to take effect on your domain across the internet via DNS propagation.
Add your domain to your hosting account
Your domain name must be added to your hosting account to have SSL coverage. If you haven’t added your domain name to your hosting account, complete the steps in the guide below:
Install an SSL certificate on your domain
❗Before reaching this step, make sure to have reviewed the two previous steps above. At this point, you can either wait for auto-SSL activation or manually install the SSL certificate yourself.
ℹ️ SSL certificates are auto-installed on a rolling basis after your domain nameservers (or DNS) are pointed to our network, fully propagated, and the domain is added to your hosting control panel.
🚨 To speed up the process, you can manually install your SSL certificate on your domain name in a few seconds using the steps below.
1. Log in to your hosting control panel
2. From the top right, click the down arrow ∨ and choose the domain you want to install an SSL certificate for
3. Click on the SSL Certificates button
4. Click the button for Get automatic certificate from ACME Provider
5. For the ACME Provider, make sure Let’s Encrypt is selected. Do not select a different option.
6. Click the ▼ next to Key Size (bits) and select 4096-bit
7. Check the box to the left of Certificate Entries to select all your entries
8. Click the Save button
9. Allow the SSL installation process to run without clicking away. A faint blue loading bar at the top of your browser indicates progress, and a CERTIFICATE AND KEY SAVED popup will confirm completion.
10. Click the Close button
11. Your generated SSL certificates are now listed with auto-renewal enabled, renewing automatically every 59 days
12. Go to the ‘Enforce HTTPS on your domain’ section of this guide and complete all the steps
Enforce HTTPS on your domain
The next step is to force all of your website visitors to the HTTPS and SSL version of your website.
1. Open this guide and complete all the steps: Access and modify your .htaccess file
2. In your .htaccess file, put in the following HTTPS code snippet:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]⚠️ Read these points before you start modifying your .htaccess file:
- ➡️ Each .htaccess file has distinct and varied existing code snippets, this is normal.
- ➡️ Put your HTTPS code snippet at the top of your .htaccess file. If there’s no room at the top, press ‘Enter’ or ‘Return’ on your keyboard to create space by moving the existing snippets down.
- ➡️ Your HTTPS block snippet needs to be on its own separate section to function properly.
- ➡️ You need to click the Save File button at the top right of your .htaccess file to apply changes.
Here is an example of the process:
Check your SSL certificate (optional)
Lastly, you can check your SSL certificate in your web browser. The process varies by browser, so refer to the steps below for popular web browsers.
Chrome
1. Open a new web browser window
2. Go to https://yourdomain.com
⚠️ Note: Replace yourdomain.com with your domain name
3. Click the icon to the left side of the address bar
4. Click Connection is secure
5. Click Certificate is valid
6. You can review the SSL certificate information on the popup window
Safari
1. Open a new web browser window
2. Go to https://yourdomain.com
⚠️ Note: Replace yourdomain.com with your domain name
3. Click the padlock icon in the address bar
4. Click the Show Certificate button
5. You can review the SSL certificate information on the window
Firefox
1. Open a new web browser window
2. Go to https://yourdomain.com
⚠️ Note: Replace yourdomain.com with your domain name
3. Click the padlock icon on the left side of the address bar
4. Click on Connection secure
5. Click on More Information
6. Click on View Certificate
7. You can review the SSL certificate information on the new tab
Audit insecure elements (troubleshoot)
If your website still shows “Not Secure” in the browser address bar after completing all the previous steps, it means your website has insecure http:// elements that mask your SSL certificate.
You need to manually update these elements to https:// for your site to show as secure and make the SSL certificate visible.
1. Open your website on a Google Chrome browser window
2. Right-click anywhere on the page
3. Select Inspect from the dropdown
4. Find and click on the Console tab
5. In the Console tab, look for warnings about mixed content or insecure elements; these will usually include a URL that starts with http:// instead of https:// and will be marked with This content should be also be served over HTTPS
6. Identify the elements loaded over http:// and update them to https:// on your website. If you’re unsure or uncomfortable doing this, consider getting help from a website developer.
7. Once the elements of your website load over https:// – you will see your website loading securely and the SSL certificate visible