In the previous installments in my series on Magento 2 security, I have discussed integrating 2FA and reCAPTCHA based security for Magento 2 stores. In this installment, I will continue with installing and enabling Magento 2 SSL certificates.
There are many aspects of running a successful ecommerce store that should be considered in the early stages of a business. One of the key factors is to provide your users with a secure platform where they do not have to worry about privacy. Using an SSL certificate to protect your online store has become a standard procedure in the retail industry.
What is SSL?
An SSL (Secure Sockets Layer) certificate secures a website by establishing an encrypted link between the web server and a browser. The biggest advantage of SSL is that the data sent over the encrypted link always remains private. In simple words, adding an SSL certificate to the store means that you are protecting the user’s private information such as login credentials, credit card information, and other sensitive data.
Install and Enable Magento 2 SSL Certificate
Magento 2 is one of the most powerful and customizable ecommerce platforms. To add Magento 2 SSL, you first need to buy a certificate; some hosting providers also offer a Let’s Encrypt SSL certificate, which is free. To add Magento 2 SSL, follow these steps:
Install Magento 2 SSL Certificate
I will show you the method to install Magento 2 SSL on shared as well as on managed hosting servers.
For shared hosting, I have used a server from A2 Hosting. Go to the cPanel and click on SSL/TLS under the Security section:
Now you will be redirected to the SSL/TLS page. Here, click on Generate, view, upload or delete SSL certificates:
Here you will see the Let’s Encrypt SSL already installed under the Certificates on Server list. If it is not there, you can contact their customer service and they will install it. When Let’s Encrypt is enabled, the process of renewing SSL certificates is done automatically. According to their process, the Let’s Encrypt SSL will renew every 90 days.
Now, to add your own purchased SSL certificate, you need to follow some steps. First, go back to the SSL/TLS page and click on Private Keys:
Here, generate a private key for the SSL certificate:
Now go to Certificate Signing Requests (CSR):
Here, enter the details to create a CSR file. Submit this file to the SSL provider, and in return you will get yourdomain.crt (Certificate Code) and yourdomain.ca (Chain File).
Now go to Certificates (CRT):
Here you have to upload the certificate: paste the body of the certificate or just upload the .crt file that you got from your SSL provider:
Now, at last, go to Install and Manage SSL for your site:
Select the domain and you will have the option to autofill the required details, or you can add the details you got from the SSL provider manually:
You can use the same method to install an SSL certificate on any of your shared hosting.
For managed hosting, we have used the server of Cloudways. Go to their admin panel and then go to applications:
Click on the application for which you want to install SSL and you will be redirected to its management. Then go to SSL Certificate.
They give you an option to install Let’s Encrypt SSL, and you can also add a custom certificate.
First, let’s understand the method for Let’s Encrypt.
Enter the email address and domain name, click on Install Certificate and the process will be started:
After the completion of the installation process, the Let’s Encrypt SSL will be installed. On the left side, you will see the AUTO RENEWAL option. You can set it to auto, or you can renew manually by clicking on RENEW NOW:
Now, to add another SSL certificate, select Custom Certificate. Click on CREATE CSR:
Enter the details and then click on Submit to generate CSR file:
Once it’s done, you will get the option to download CSR file and to install SSL certificate.
First, submit the downloaded CSR file to the SSL provider to get yourdomain.crt (Certificate Code) and yourdomain.ca (Chain File). Then click on INSTALL CERTIFICATE and a popup will appear where you have to enter the Certification Code and CA Chain (provided by SSL provider).
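An added example (not part of the original article): the private key, CSR and certificate from the shared-hosting and managed-hosting steps above, checked with the openssl command-line tool before the certificate is pasted into the panel. The file names, the yourdomain.example domain and the self-signed certificate standing in for the provider's .crt are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article. File names and the domain
# yourdomain.example are assumptions. Requires the openssl command-line tool.

# Print a SHA-256 digest of the public key held in a private key, CSR or certificate.
pubkey_digest() {  # usage: pubkey_digest key|csr|crt FILE
  case "$1" in
    key) _pem=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1 ;;
    csr) _pem=$(openssl req -in "$2" -noout -pubkey 2>/dev/null) || return 1 ;;
    crt) _pem=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1 ;;
    *)   return 2 ;;
  esac
  [ -n "$_pem" ] || return 1
  printf '%s\n' "$_pem" | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Succeed only if both files carry the same public key.
same_key() {  # usage: same_key TYPE1 FILE1 TYPE2 FILE2
  _a=$(pubkey_digest "$1" "$2") || return 1
  _b=$(pubkey_digest "$3" "$4") || return 1
  [ "$_a" = "$_b" ]
}

# Succeed only if the certificate is issued for HOST (the store's domain).
covers_host() {  # usage: covers_host CERT HOST
  openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null | grep -q 'does match'
}

# Succeed only if the certificate will still be valid DAYS days from now.
valid_for_days() {  # usage: valid_for_days CERT DAYS
  openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null 2>&1
}

# Constructed sample data: a throwaway key and CSR, a self-signed 30-day
# certificate standing in for the provider's .crt, and an unrelated key.
make_sample() {  # usage: make_sample DIR
  ( umask 077 && cd "$1" &&
    openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key \
      -out yourdomain.csr -subj "/CN=yourdomain.example" 2>/dev/null &&
    openssl x509 -req -in yourdomain.csr -signkey yourdomain.key \
      -out yourdomain.crt -days 30 2>/dev/null &&
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
      -out other.key 2>/dev/null )
}
```

Run `same_key crt yourdomain.crt key yourdomain.key` against the files you actually hold; `make_sample` exists only so the checks can be tried offline.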
Enable Magento 2 SSL
Once the Magento 2 SSL installation is done, enable it by going to Stores → Configuration from the admin panel of your store:
Now click on Web under General Tab:
Unfold the Base URLs (Secure) section and update the Secure Base URL field by changing http to https:
Now select Yes for Use Secure URLs on Storefront and Use Secure URLs in Admin fields:
Use Secure URLs on Storefront: By selecting Yes, all of your storefront pages will open with https.
Use Secure URLs in Admin: By selecting Yes, your store admin panel will open with https.
Lastly, just click Save Config:
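An added example (not part of the original article): a small audit of the three values set in the steps above, using Magento's configuration paths for those fields. The function names and the yourdomain.example URL are assumptions; the values are passed in as arguments so the check can be tried without a Magento installation.

```shell
#!/bin/sh
# Added example, not from the original article. On the server the three values
# can be read with, for instance:
#   bin/magento config:show web/secure/base_url
#   bin/magento config:show web/secure/use_in_frontend
#   bin/magento config:show web/secure/use_in_adminhtml

# Print one line per problem; return 0 only when all three values are as intended.
check_secure_settings() {  # usage: check_secure_settings BASE_URL FRONTEND ADMIN
  _bad=0
  case "$1" in
    https://?*/) ;;
    https://?*)  echo "Secure Base URL lacks the trailing slash: $1"; _bad=1 ;;
    *)           echo "Secure Base URL does not start with https://: $1"; _bad=1 ;;
  esac
  [ "$2" = 1 ] || { echo "Use Secure URLs on Storefront is not Yes"; _bad=1; }
  [ "$3" = 1 ] || { echo "Use Secure URLs in Admin is not Yes"; _bad=1; }
  return "$_bad"
}

# Print the host name in a Secure Base URL, so it can be compared with the
# name the installed certificate was issued for.
base_url_host() {  # usage: base_url_host BASE_URL
  _h=${1#https://}
  _h=${_h%%/*}
  printf '%s\n' "${_h%%:*}"
}
```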
SSL is one of the most useful and important layers to secure your Magento 2 store. Following this simple tutorial, you should now be able to install and enable Magento 2 SSL to redirect your store from http to https. If you have any questions, feel free to use the comment box below!