With 2017 just a month away, it’s now more important than ever to have your website rendered via SSL. Google is now factoring in whether or not your site uses SSL into your website’s ranking! SSL is the underlying protocol used in HTTPS. This is like HTTP, but encrypted! While visiting a webpage using SSL, every packet of data transmitted between your web browser and the web server is encrypted by SSL keys. We will setup a WordPress site to use SSL. The web server will be hosted on DigitalOcean.
Step 1: Retrieve your SSL certificate
There are many ways to obtain the necessary SSL certificate. If you want to spend money, you can go to GoDaddy and follow the prompts to purchase a SSL certificate. If you don’t want to spend money, you can visit Let’s Encrypt.
Before receiving your SSL certificate, you will need to create a CSR (Certificate Signing Request). I prefer to generate the CSR from the command line. In order to generate the CSR, you will first need to generate a private key:
openssl genrsa -out host.key 2048
Now we can use that key to generate the CSR:
openssl req -new -key host.key -out host.csr
Ok awesome, so far so good. Now submit your CSR (if you’re using GoDaddy), after a few minutes they will spit out your SSL certificate. The file you will download will include the private key, and two SSL certificates. One of the SSL certificates is the main certificate for the domain, and the other is known as the intermediate certificate. You will need all three files.
Step 2: Enter your SSL credentials into ServerPilot
Recently I discovered an awesome service that makes the management of SSL WordPress sites on DigitalOcean really simple. It’s called ServerPilot. I will be writing up a post soon on how to deploy or migrate your existing WordPress site to ServerPilot.
On ServerPilot, go to the ‘Apps’ tab, and find your app. Take the private key, and each of the certificates you received and paste each into its respective box and save.
Also, toggle the box asking if you’d like to allow ServerPilot to redirect HTTP requests to HTTPS requests. Each app you deploy via ServerPilot will install Nginx and upon your approval, will redirect non-secure requests to HTTPS. Sweet!
Step 3: Update your WordPress Settings
Almost done! Now go back to your WordPress dashboard and go to Settings > General. Make sure the fields ‘WordPress Address’ and ‘Site Address’ contain your new HTTPS prefix and save!
Your site should now be operating using HTTPS. If you run into any issues with these instructions or would like me to elaborate on any areas, please comment below!