How to use SSL on Joomla website?

What type of SSL Certificate do you need?

There are three different types of SSL Certificate:

  • Shared SSL – it is a free certificate configured to work with shared IP. It may show a pop-up warning message when used.
  • Dedicated SSL – it is a paid and private certificate. It will work with your domain only, and it will not show any pop-up warning message when used.
  • Wildcard SSL – it is a paid certificate that works with your domain and subdomains.

Most of the popular hosting providers offer a shared SSL certificate along with their hosting plans for free. Private (dedicated, wildcard) SSL certificate is usually a paid option. For more details, you should check your hosting company offer.

How to enable SSL/HTTPS on a Joomla site?

Step1: Install SSL Certificate on your server

Since installing a certificate may vary between hosting providers and server configuration, you should check your hosting documentation for more detailed instruction.

Step2: Enable Force HTTPS/SSL on your Joomla site

In your Joomla backend navigate to System -> Global Configuration.
On the Server tab you need to set “Entire Site” for the “Force HTTPS” option:

SSL HTTPS on Joomla site

Remember to click on Save to save your settings.

Step3: Additional tweaks

Now, you have SSL enabled in your Joomla, but if visitors use HTTP protocol to visit your site, they will not be automatically redirected to HTTPS. You will need to add some tweaks to your Joomla files.

In the root directory of your Joomla, you will find the configuration.php file. Open this file using a text editor and replace the following line:

var $live_site ='';

With:

var $live_site = 'https://www.yourdomain.com';

In the same directory, you will find the .htaccess file. Using a text editor add these lines at the bottom of the file:

RewriteEngine On
RewriteCond %{HTTPS} OFF
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

SSL Troubleshooting

If you face some problems during SSL configuration on your Joomla site, you can give a try to some SSL troubleshooting tools available on the Internet. SSL Shopper is one of the most popular ones, it provides such tools like SSL Checker, CSR Decoder, Certificate Key Matcher and SSL Converter.

What is a Joomla Force HTTPS?

It’s a Joomla feature purposed for activating the SSL (Secure Sockets Layer) Certificate on your Joomla powered site. SSL is a security protocol responsible for encrypting private data between a browser and the server. All connections leading to (and within) your site will use the secure HTTPS protocol instead of HTTP prefix.

If you run an e-commerce website, SSL certificate is something that you need to protect your data. It provides a high-security level for communication data. Using SSL is also required for the PCI compliance – necessary for card providers (VISA, MasterCard, American Express and more). Besides that, you should know that Google is going to prefer SSL/HTTPS sites and give them a better indexing and position in search results.

Posted in Hosting Tutorial.