How to Configure WordPress to Work with an SSL Certificate?

How to Configure WordPress to Work with an SSL Certificate?

To properly configure WordPress to work with SSL, there are two things you need to do – install a certificate and configure your application to work through HTTPS.

Step 1: Install an SSL Certificate

In Site Tools, go to the Security > SSL Manager page. Here, select your domain, choose the type of certificate you want, and click on the Get button. Let’s Encrypt and Let’s Encrypt Wildcard are completely free certificates that you can use for your sites, while the Premium Wildcard certificate is a paid one that has to be ordered.

How to Install Let's Encrypt Certificate

In cPanel, you can do the same by going to the Let’s Encrypt tools, select your domain from the list and click the Install button.

How to Install SSL in cPanel

Step 2: Configure WordPress to Work Through HTTPS

Now that you have a certificate, you need to configure WordPress to properly use it and force your traffic through HTTPS. The easiest way to do this is by using our SG Optimizer plugin. In it, go to the Environment Options tab and press the Enable HTTPS button.

Enable HTTPS with SG Optimizer

That’s it, our plugin will take care of everything for you. Make sure to check your site in details after this change. In addition to that, you will need to log in anew to your admin panel, this time securely.

Troubleshooting Insecure Content

In some cases, even after correctly configuring your site, you may get an Insecure Content error from your browser. This happens, because some of the resources your site utilizes aren’t loaded through HTTPS. Usually, the reason for this is hardcoded resources within themes and plugins. Although rare, such cases are difficult to troubleshoot, so we have added another functionality in the SG Optimizer plugin – Fix Insecure Content. Enabling this option will dynamically fix such problems before they trigger browser errors. Note, that it will add minimal overhead to your loading times but it is a good practice to enable it only if your site needs it. In the majority of cases, this will not be necessary.

Share This Article