Table of Contents
Let`s be clear, SSL is a must or rather said HTTPS always should be your first level of security because when you are logging into wp-admin, a hacker in the middle can steal your cookie, password, whatever he wants. Among the security, HTTPS nowadays have many other benefits such as HTTP/2 benefits, brotli compression, QUIC protocol and so on. If your site is still using HTTP, consider moving to HTTPS today!
Closte platform allows you to generate all types of free SSL powered by LetsEncrypt. Before requesting a free SSL, ensure the domain DNS records points to the Closte site IP address or you have an active DNS zone for requesting a wildcard SSL. This can be checked at Site->Domains page, SSL column and our system will warn you about the required changes.
Clicking on the green Create button, our system will try to request free LetsEncrypt SSL for your domain in next 1-3 minutes and your next step is to install the SSL certificate on the related site/s.
Installing an SSL certificate in one-click operation on the Closte platform. Simply go to SSL->Your SSL details page where you can install the SSL certificate to any related WordPress site or private load balancer with just a single click.
If you are installing the SSL certificate on a primary domain, a pop-up window will appear with several options:
- Primary Protocol: Change the primary domain protocol to HTTPS
- Fix URLs: Backup the site and search-replace the database e.g http://closte.com to https://closte.com
- Force HTTPS: redirect all HTTP requests to HTTPS
Here are some general tips to review the site after the SSL installation.
- Not all URLs in the database can be replaced e.g Slider Revolution images.
- We do not modify any files that have HTTP links e.g theme CSS file that loads Google Fonts via HTTP protocol.
If you have accessed your website with an invalid SSL certificate, you may still receive the SSL error. That is because your web browser needs some time to clear the cache. The best way to verify your SSL installation, go to https://www.sslshopper.com/ssl-checker.html.
Closte system will automatically try to request and install SSL certificates on alias domains automatically added by WP Ultimo. This feature does not work for manually added domains or for other types of domains like redirect or primary domains.
Every domain added by WP Ultimo will be queued for AutoSSL installation for the next 7 days. If we are unable to request free SSL more than 7 days, the queue is removed. The requirements for the AutoSSL installation are the same as requesting an SSL manually, simply said, once the DNS records are changed.
Usually, the SSL certificate will be requested and installed in next 1-2 hours once the DNS records are changed. You can check the requirements just as for any other domain in Site->Domains page and also check our AutoSSL attempts in SSL->Free SSL Requests page (event = autossl).
If one of our attempts fails, the next attempt is delayed for one hour.
After you purchase an SSL certificate or you already have one, you can import into the Closte system. To do that, your certificate needs to be in PFX format. If your certificate is not in PFX format, you can convert it locally with OpenSSL command line tool with the following command:
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
There is also an online SSL converter site, check https://www.sslshopper.com/ssl-converter.html
When your PFX certificate is ready, import it in SSL -> Certificates -> Import Existing SSL.
A CSR or Certificate Signing request is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually generated on the server where the certificate will be installed and contains information that will be included in the certificate such as the organization name, common name (domain name), locality, and country. CSR is needed in order to buy an SSL certificate and it`s an easy process to create it on Closte by going to SSL->CSR->Generate CSR. In addition, your SSL provider may ask you for the type of web server and that is Litespeed or Apache.