How to Install SSL Certificate on Your WordPress Site

Updated on November 05, 2017

If you are running an eCommerce site, accepting credit cards, or passing information that needs to be encrypted, you will need to install an SSL certificate on your WordPress site. Having an SSL certificate will enable HTTPS and this ensures that no information is passed in plain text. Follow the steps below on how to install SSL on your WordPress site.

how to install ssl certificate

How to Install SSL Certificate

You have two different options when it comes to installing an SSL (TLS) certificate on your WordPress site. Also see information on checking your SSL certificate, renewing, and removal.

  1. Install Free SSL certificate
  2. Install Custom SSL certificate
  3. Check SSL certificate
  4. Renew SSL certificate
  5. Remove Custom SSL certificate

Option 1 – Install Free SSL Certificate With Let’s Encrypt

Setting up SSL with our Let’s Encrypt integration is as easy as 123. Make sure your domain is pointed at Kinsta before proceeding.

free ssl let's encrypt

Current Limitations

  • All domains/sub-domains need to be added manually on the dashboard
  • Limitation of 100 sub-domains
  • Let’s Encrypt certificates are domain validated only (they don’t have warranties)
  • Limitations on domains with special characters

Step 1

Login to your MyKinsta dashboard and click on “Manage” next to your WordPress site.

Manage WordPress site

Manage WordPress site

Step 2

Click on “Tools” and under Enable HTTPS click on “Add Let’s Encrypt Certificate.”

Add Let's Encrypt certificate

Add Let’s Encrypt certificate

Step 3

In order for a certificate to be generated successfully you must have at least one live domain pointed at Kinsta. Then click “Next.”

Generate Let's Encrypt HTTPS credentials

Generate Let’s Encrypt HTTPS credentials

Step 4

You will then have an option to choose the domains on which you want an SSL certificate installed. If your site is http://domain.com and has a redirect from www to non-www, you will still want to select both for the HTTPS redirect. Click on “Generate Certificate.” (Note: You will need to add all of your domains prior to this from the MyKinsta dashboard, including any subdomains which require SSL)

HTTPS credentials domains

HTTPS credentials domains

And that’s it! It will take a few seconds or so to install and your site should be all secured.

Option 2 – Install Custom SSL Certificate

Step 1 – Purchase SSL Certificate

Purchase your SSL certificate from any vendor you like such as Comodo, DigiCert, GeoTrust, Thawte, or Trustwave.

Step 2 – Server Type

When purchasing a new SSL certificate, you are asked to provide the server type. The type of our web servers is Nginx, if that option is not available, then “Other” will work as well.

Step 3 – Generate CSR and Private Key

A CSR code will be needed by the SSL provider to create/sign the certificate file. For generating a CSR code and RSA key, please complete the following form: https://www.trustico.com/ssltools/create/csr-pem/create-a-new-csr-instantly.php. This is an example below of information you will need to fill in.

Note: For the common name field, if you are generating a wildcard certificate, you will need to input your domain name, such as *.domain.com.

generate csr

The form will generate you the private key file and the CSR. Make sure to save both of those as the certificate will be unusable without them. When you’re ready, the CSR will be automatically emailed to you. Download it from the email and upload it to your SSL provider to regenerate the certificate.

Step 4

Log in to the dashboard, click on a site, go to the Tools tab and click the “Add Custom HTTPS Credentials” button to get started.

Install SSL certificate on WordPress

Install SSL certificate on WordPress

Step 5

To use custom credentials you will need to have a .key and a .cert file prepared. Then click “Next.”

Custom HTTPS credentials

Custom HTTPS credentials

Step 6

You will then be able to add your private key and certificate. Note: Some customers will also want to add their intermediate certificate as well. Most SSL providers will email you a .crt file and a .ca-bundle file. Paste the contents of your .crt file in the “Certificate” section first and then the contents of the .ca-bundle file below it. You can use a text editor like Notepad or TextMate to open the certificate and bundle files. If you don’t have or know your intermediate certificate you can use a free tool like https://whatsmychaincert.com/ to generate it. Then click “Apply Certificate.”

Apply certificate

Apply certificate

3. Check SSL Certificate

After you have installed your SSL Certificate we recommend running an SSL check to verify that everything is setup correctly.

4. Renew SSL Certificate

Follow the information regarding renewal of your SSL certificate.

Free SSL Certificates

Free SSL certificates (Let’s Encrypt) deployed via the MyKinsta dashboard are renewed automatically every 90 days. There’s nothing you need to do. However, if your site is behind a reverse-proxy such as Sucuri, you must contact their support and have them enable the setting to “forward certificate validation” which allows HTTPS provisioning and renewals to complete successfully.

Custom SSL Certificates

If you have a custom SSL certificate, you’ll need to renew it with the SSL provider or domain registrar from which it was purchased. As long as it was renewed before it expires, there’s no need to re-upload it to the MyKinsta dashboard.

5. Remove SSL Certificate

There might be some instances in which you need to remove an HTTPS certificate, whether it be Let’s Encrypt or your own custom SSL certificate. Perhaps you were testing an HTTPS migration or maybe you’re migrating your site to Let’s Encrypt certificates. To remove an HTTPS certificate, simply click on “Remove HTTPS Certificate” under Enable HTTPS in the Tools menu.

Remove HTTPS certificate

Remove HTTPS certificate

Was this article helpful?
No, or there was something off

Hand-picked related articles

Send this to a friend