How to Install an SSL Certificate in Magento 2

March 4, 2021

Introduction

Customers are increasingly aware of potential risks and do not want to leave payment details on insecure websites.

An ecommerce store must actively reassure customers that their personal information is protected at all times.

SSL (Secure Socket Layer) certificates are used to establish an encrypted connection between the user’s browser and the website’s server. They guarantee a secure transfer of data and create a safe shopping environment.

Find out how to set up an SSL certificate and enable HTTPS in your Magento store.

Merchant securing Magento store with SSL certificate.

Why is SSL Important for a Magento Store?

If you are using the services of a payment processor, the checkout page is already protected by an SSL certificate. However, there is a lot to gain by implementing an SSL certificate throughout your Magento store:

  1. Higher Conversion Rates - Major web browsers label non-HTTPS pages as “Not Secure”. If you fully implement SSL, the customer is much less likely to abandon the purchase due to safety concerns.
  2. Data Protection - Redirecting customers between HTTP and HTTPS sessions increases the risk of man-in-the-middle attacks. Enable HTTPS to secure customer sessions and data while they are browsing the store.
  3. Search Engine Optimization - Google uses HTTPS as a ranking signal. Adopting SSL can improve your website’s position in Google’s search results.
  4. Improve Customer Experience - Customers need to feel safe from the moment they reach the website to the conclusion of the payment process. Implementing HTTPS encourages customers to freely engage with website features, share information, create user accounts, and interact with other customers.

Note: If you still haven't moved to Magento 2, we strongly advise you do so. Use our Magento Migration Plan Checklist to do it as soon as possible.


Install SSL Certificate in Magento 2

SSL certificates are issued by Certification Authorities (CAs). The cost of the certificate depends on the level of validation and the number of domains and subdomains it applies to.

Explore the different types of SSL certificates to determine what kind of certificate you need.

Ecommerce stores should primarily consider adopting Extended Validation or Organization Validated SSL certificates. These certificates are more expensive, and the validation process can take longer, but they provide enhanced fraud protection customers expect.

To reduce certification costs, check if your web host offers SSL certificates as part of their pricing plan. Web hosts can help decrease overhead costs by handling the technical implementation of the SSL certificate.

Step 1: Generate a Certificate Signing Request (CSR)

To obtain an SSL certificate from a Certification Authority (CA), you need to generate a key pair (private-public) and submit a Certificate Signing Request (CSR). An encrypted CSR file contains general information about your ecommerce company, such as the fully qualified domain name, email, country, address, etc.

There are many ways to create a CSR. For example, you can use an open-source command-line tool like OpenSSL to generate a certificate signing request.

Alternatively, the SSL Manager in cPanel provides a user-friendly graphical interface for creating and managing SSL certificates.

1. Access the SSL/TLS Manager in the Security tab.

SSL Manager in the cPanel home page.

2. Select the Certificate Signing Requests (CSR) option.

Certificate Signing Request option in cPanel.

3. Use the Generate a New Certificate Signing Request form to enter website and company details and create a private encryption key.

Complete the Certificate Signing Request form.

4. Review and confirm that the information is correct and click Generate.

Generate Magento CSR in cPanel.

5. Submit the encoded CSR to a Certification Authority of your choice.

Example of encoded CSR request.

The Certification Authority validates the information from the CSR and issues an SSL certificate. Depending on the certificate type, the CA may request additional documentation to verify the information.

Step 2. Install SSL Certificate

Once the certification process is complete, the Certificate Authority provides a certificate file (.crt). The file needs to be placed on your server.

1. Access the SSL/TLS Manager in cPanel.

2. Select the Certificates (CRT) option.

Upload SSL certificate to server.

3. Paste the body of the certificate file and select Save Certificate. Alternatively, upload the .crt file using the Browse option and click Upload Certificate.

Paste csr file in cPanel SSL Manager.

4. Access the Install and Manage SSL for your Site (HTTPS) menu.

Install SSL certificate using cPanel.

5. Select the certified domain using the dropdown menu and click Autofill by Domain.

6. The system retrieves the certificate and the corresponding private key as they are located on the same server.

Autofill private key and SSL certificate based on domain.

7. Click Install Certificate.

Install the SSL certificate on your server.

Once the installation process is complete, enable the SSL certificate in Magento.

Step 3: Enable SSL Certificate in Magento 2

To enable an SSL certificate in the Magento 2 admin:

1. Access the Stores menu and click Configuration.

Access Configuration menu in Magento.

2. Select Web in the General tab.

Open the Web tab in Magento to enable SSL certificate.

3. Expand the Base URLs (Secure) section.

4. Update the Secure Base URL to HTTPS.

5. Set the Use Secure URLs on Storefront and Use Secure URLs in Admin options to Yes.

Set secure URL to HTTPS in Magento 2.

6. Click Save Config to apply the new settings.

Save the HTTPS configuration in Magento.

The changes are visible in the storefront once you flush the Magento cache.

Conclusion

You have successfully implemented an SSL certificate and improved data security in your Magento store.

This shows customers that you are willing to invest time and resources in security features and authentication tools to protect their data.

About the author
Vladimir Kaplarevic
Vladimir is a resident Tech Writer at CCBill. He has more than 8 years of experience in implementing e-commerce and online payment solutions with various global IT services providers. His engaging writing style provides practical advice and aims to spark curiosity for innovative technologies.
Talk to a Merchant Support Specialist
cross