Enable Your Free SSL Certificate

What is SSL?

How do computers communicate over the web? How do they know when their connection is secure? Computers use special rules; they shake hands and establish an encrypted link known as SSL or Secure Sockets Layer. Adding an SSL certificate to your website lets your site visitors know that you are serious about security.

Tip: Your account comes with a free SSL Certificate, but did you know you can maximize your security? Upgrade your SSL Certificate to boost your credibility and assure customers you take security seriously.

Enable Your Free SSL

The following statements are required before you enable your free SSL:

You have a live website on your domain that is visible on the internet.
Your nameservers and A record* must point to the IP address associated with your hosting account.
Some second-level domains are NOT supported.

*The primary authority for your domain is the A record. Your account nameservers must point to your hosting account where your website is hosted.

What do Enable and Enforce mean?

Enable: the act of turning on free SSL support for a specific domain.
Enforce: the act of forcing all website traffic to HTTPS via a 301 redirect

How to enable your free SSL:

Log in to your account, and click Domains to reach your Domains Dashboard.
The Domains Dashboard has two views, the Card and List view. You can switch between the two by clicking on the view icons at the top right corner.

In Card View, click Manage on the domain you wish to manage SSL

In List View, click on the cog icon.
Once you click the Manage tab, you will be routed on the Summary page of the domain you chose. From here, located on the Domain Settings card, toggle the Let's Encrypt Free SSL to the right.

Tip: A 301 redirect will need to be added to the .htaccess file, which will enforce your SSL; otherwise, it may not work even you toggle them on. Please request assistance from our Web Advisors and Professional Services or see How to Create a 301 Redirect.

Tips and Tricks

WebsiteBuilder

After enabling your free SSL, you will need to re-publish your WebsiteBuilder site in order for the changes to take place.

WordPress

Enabling your WordPress site to display securely may require a few steps.

Backup your database and site content.
Make sure that your Let’s Encrypt SSL is enabled as shown above.
Login to your WordPress Dashboard and go to Settings and General.
Revise the WordPress Address (URL) and the Site Address (URL) to HTTPS
Click Save Changes at the bottom of the page.
The database entries must now be revised to reflect the secure address (HTTPS)

Change Database Entries: WordPress sites

There are many plugins available from WordPress.org for this task. Visit the following page at WordPress.org for complete information.
https://make.wordpress.org/support/user-manual/web-publishing/https-for-wordpress/

Troubleshooting WordPress Issues

You may encounter several issues when enabling an SSL on a WordPress site. This section focuses on the most common issues - the Mixed Content Warning - it doesn't and can't address all potential issues.

This can occur when your site contains other resources that are not hosted on your site with HTTPS. A few examples of mixed content may be:

Images
Videos
Stylesheets
Scripts

For instance, if you are linking to Facebook images or YouTube videos you might encounter this issue. The best practice for images would be to upload them into your WordPress media library; they would then display as secure on your site.

WordPress Resources

The best source for troubleshooting WordPress issues is WordPress. Org site listed below. In addition, a few of the plugins that can help you troubleshoot the mixed content issue are listed.

https://codex.wordpress.org/Main_Page
https://wordpress.org/plugins/ssl-insecure-content-fixer/
https://wordpress.org/plugins/remove-http/

301 Redirects

Note: This is only recommended for advanced users. An error could result in your website(s) being disabled.

The .htaccess editor is a powerful tool with which advanced users can customize their websites. When using this tool, your first step will always be to select the domain and directory where you are applying the changes.

Log in to your account, Hosting Summary.
In the left pane, click on .htaccess Editor.
Select the domain from the dropdown and then a directory and then click on Use Direct Editor. Note: It is important to select the right domain name in this field so the 301-redirect will be applied to the correct website.
Add one of the following code snippets into your .htaccess file (based on what you want to do).

Old to a new domain - Change the word "OLD DOMAIN" to the old domain name you want to redirect to and change the "NEW DOMAIN" to the new domain name it is redirecting to.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^OLDDOMAIN.com [NC,OR]
RewriteCond %{HTTP_HOST} ^www.OLDDOMAIN.com [NC]
RewriteRule ^(.*)$ http://NEWDOMAIN.net/$1 [L,R=301,NC]

HTTPS - Redirect for SSL Certificate, change the word "DOMAIN" to the domain name that requires the redirect from HTTP to HTTPS. Click Save.

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^DOMAIN.com [NC]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.DOMAIN.com/$1 [R=301,L]

IMPORTANT

If there is already a RewriteEngine in your .htaccess file, only copy the rest of the code
When you’re editing your .htaccess file, it is essential to note that lines beginning with a hashtag are comments and are not included in the .htaccess rule. When you’re adding rules, you must include them either above or below the default rule

Stuck? Contact us to have our Web Advisors assist your or Professional Services set up 301 redirect for a small service fee.

FAQs

Q. Will free SSL be an account-wide setting (applied to all domains) or just single domains?
A. You have the option to enable the free SSL on a per-domain basis. A free SSL cannot be enabled on domains with a paid SSL certificate. When enabling free SSL for a domain, that domain and all subdomains will receive a certificate.

Q. What will be required to enable my free SSL?
A. You must have a live website on your domain that is visible on the internet. The nameservers and A Record must point to the IP address associated with your account.

Q. I still cannot toggle on your Free SSL on the summary page even my nameserver and A record are already pointing with your server.
A. If you are experiencing greyed-out buttons and an inability to toggle the free SSL, please do not hesitate to call our web advisor to have them assist you.

Q. What if I already have a paid SSL certificate on my domain?
A. If you have a paid certificate on your domain, you cannot enable the free SSL. If the paid certificate expires or is canceled, you can apply for the free SSL certificate.

Q. If I cancel my paid SSL certificate can I enable the free SSL?
A. Yes, your domain will show up in the list in Domain Central, and there you can enable the free SSL.

Q. Why should I keep my paid SSL if you are giving me a free one?
A. A paid certificate offers you another level of protection and comes with a warranty. It allows you to display a security seal on your site and is a great addition to an eCommerce website.

If you are unsure about the level of protection you need, you can purchase additional protection.

Need help with a Paid SSL Certificate? Visit the following link for instructions:
SSL Certificate: Installation Steps