miloslu February 02, 2025

How to setup https

Setting up HTTPS for a website involves obtaining and installing an SSL/TLS certificate. Here’s a step-by-step guide: --- 1. Choose an SSL Certificate You can get an SSL certificate from: Free Certificate: Let's Encrypt (Recommended for most websites) Paid Certificate: From providers like DigiCert, GlobalSign, or Namecheap (Recommended for e-commerce, banks, etc.) --- 2. Generate a Certificate Signing Request (CSR) If using a paid SSL certificate: 1. Use your server or hosting panel to generate a CSR and a private key. 2. Provide the CSR to your SSL certificate provider. For Let's Encrypt, tools like Certbot handle this automatically. --- 3. Install the SSL Certificate Option 1: Using Certbot (Recommended for Let's Encrypt) If you are using Apache or Nginx: 1. Install Certbot: sudo apt update sudo apt install certbot python3-certbot-nginx (For Apache: sudo apt install certbot python3-certbot-apache) 2. Run Certbot to obtain and install a certificate: sudo certbot --nginx or for Apache: sudo certbot --apache Follow the prompts to select your domain and enable HTTPS. 3. Auto-renew SSL certificate: sudo certbot renew --dry-run Certbot automatically renews the certificate every 90 days. --- Option 2: Manually Installing a Paid SSL Certificate 1. Upload the SSL certificate files to your server. 2. Configure your web server: For Nginx: Edit your configuration file (e.g., /etc/nginx/sites-available/default): server { listen 443 ssl; server_name yourdomain.com; ssl_certificate /etc/ssl/certs/your_cert.crt; ssl_certificate_key /etc/ssl/private/your_key.key; location / { try_files $uri $uri/ =404; } } Restart Nginx: sudo systemctl restart nginx For Apache: Edit the SSL configuration file: <VirtualHost *:443> ServerAdmin webmaster@yourdomain.com DocumentRoot /var/www/html ServerName yourdomain.com SSLEngine on SSLCertificateFile /etc/ssl/certs/your_cert.crt SSLCertificateKeyFile /etc/ssl/private/your_key.key SSLCertificateChainFile /etc/ssl/certs/intermediate.crt </VirtualHost> Restart Apache: sudo systemctl restart apache2 --- 4. Force HTTPS (Redirect HTTP to HTTPS) For Nginx: server { listen 80; server_name yourdomain.com; return 301 https://$host$request_uri; } For Apache: Add this to .htaccess: RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L] --- 5. Verify HTTPS is Working Open your website in a browser (https://yourdomain.com). Use an SSL checker like SSL Labs. --- 6. Update URLs and Content Ensure all links (images, scripts, etc.) use HTTPS. Update robots.txt, sitemap.xml, and settings in services like Google Search Console.

Our Sidebar

You can put any information here you'd like.

  • Latest Posts
  • Announcements
  • Calendars
  • etc