Whether you are operating a WordPress or a NonWordPress website, adding HTTPS (Hyper Text Transfer Protocol) or SSL (Secure Socket Layer) is a must. If you are late to this party, you are losing your site authority, an army of visitors and above all a great amount of revenues.
Initially SSL was a preferred tool only for the eCommerce store owners. But today it is widely accepted by almost all website owners.
Now, let’s see how you can add an HTTPS to your WordPress site.
Why Should You Add HTTPS to Your WordPress Site?
- To establish a sense of trust in your visitors’ mind when it comes to password protection or any sensitive information protection.
- Google has officially confirmed that adding HTTPS is a ranking factor back in 2014.
- To affirm your identity as the site owner.
Things to Consider Beforehand
Before implementing HTTPS to your site, you need to determine if you are going for a free SSL Certificate or a paid one.
- Paid SSL service providers: You will have to pay a specific amount of fee for a specified period for paid SSL certificates. Examples of paid SSL certificates are Comodo, Symantec, GeoTrust,
etc . - Free SSL service providers: Let’s Encrypt, Cloudflare,
In this tutorial, we are going to implement the free SSL certificate, Let’s Encrypt in the cPanel of the hosting.
Step 1: Log in to the cPanel
If your hosting provider already gives you to add the free SSL like Let’s Encrypt, you will need to log in to the cPanel. After logging in, scroll down to the SSL/TLD option:
Now, you should see the following screen showing four options. They are:
- Private Keys (Key): Private keys helps your website encrypt the data and stops others from impersonating your website. Thus, this is the single most important component of your SSL certificate or HTTPS.
- Certificate Signing Requests (CSR): The CSR or Certificate Signing Requests is usually the underdeveloped public key which allows you to enroll the HTTPS or SSL certificate. Apart from this (CSR), an SSL certificate can not be issued as the information of the CSR cannot be validated.
- Certificates (CRT): When you generate Key and CSR, the certificate will be generated accordingly.
- Install and Manage SSL for your site (HTTPS): Use this option to install and activate the HTTPS.
Step 2: Generate Private Keys
To generate Private Keys click on the following anchor texts marked by the red arrow:
After that, the system will require credentials from you to generate private keys. After successful insertion of the credentials you will have to click on the ‘Generate‘ button to create the Private keys:
You can see the private keys marked in red color on the above screenshot.
Step 3: Generate Certificate Signing Requests (CSR)
Now, go back to the SSL/TLS option again and select the following option marked by the red arrow:
Now, insert the credentials to generate Certificate Signing Requests (CSR). Here is the generated key marked by red marks:
Step 4: Generate Certificates
In this stage, go to the SSL/TLD option again. Now select the following option:
After that, you will need to insert the credentials to generate Certificates.
Step 5: Install SSL Certificate
Go back to the SSL/TLS option and you will have to click on the following option:
Now, you will be taken to a new page. Select your domain from the dropdown and click the “Autofill by Domain” button so that you don’t have to enter all of the data manually:
When done with inserting the data with autofill, click on the “Install certificate” button:
Step 6: Update the Site URL to Activate
To avoid any undesirable error messages, go to the WP Admin Dashboard > General > URL. Now add an extra ‘s’ next to the ‘
This is it. You are done with installing and activating the SSL in your domain.
Troubleshooting
If your site is old and have a lot of pages with old URLs then it will still keep showing that the domain is not secure.
To keep this problem at bay, you will have to go to the WordPress directory and open the .htaccess file in a text editor. Next up, copy and paste the following lines of codes:
RewriteEngine On
RewriteCond %{HTTP_HOST} DomainName.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://DomainName.com/$1 [R,L]
After pasting the code, save the changes.
Bonus Tips: Update Any link You Control to HTTPS
You should update all of the links that that is controlled by your HTTPS version of your site. You should also request other website owners to update the links they have already pointed to your website.
Moreover, many reliable hosting providers provide an easy process of adding SSL certificates and managing your HTTPS and websites. So make sure to choose a well-known yet secured hosting service provider to power up your websites.
Will Switching to WordPress HTTPS Affect Your SEO?
“No negative effects, of course”. As we mentioned earlier, Google has already confirmed that using HTTPS or SSL is a ranking factor. In addition to that, you will also get proof from Neil Patel that SSL adds ranking benefit to your website.
Although some people are concerned about the ranking dip of their website, there is nothing to lose if you want to add HTTPS to your WordPress site.
If you do face any inconvenience while installing the SSL or HTTPS to your WordPress website let us know in the comment section, we will try our best to help you out.
3 thoughts on “How to Add HTTPS or SSL Certificate to Your WordPress Website”