How to enable SSL/HTTPS on your Joomla site?
SSL is now a rudimentary requirement of any website today to protect their customers from unknown spying activities and phishing techniques. In this article, we will know about SSL and Joomla websites. How you can protect your customers from Joomla websites with SSL certificate. First, you need to purchase the certificate from third party SSL providers like SSL Shop or direct certificate authorities like Comodo, Symantec, RapidSSL, GeoTrust etc. When you add SSL to your Joomla website, your customers will have secured HTTPS login on your site. You can enable SSL on the single web page or the whole website. There are few steps required in Enabling SSL on Joomla website.
However, before jumping to the installation process, we need to take a ride into the world of SSL certificate. As there are many, have little understanding about SSL certificate.
Whatever the information exchanges between these two ends should be encrypted or encoded to save it from prying eyes, and at this point, the role of SSL gets started. SSL certificate is a protocol that binds encryption to the traveling information between two ends like the users and the website server. As the name suggests, SSL certificate has many types that are prepared with different business security needs. If we talk about main types then there are domain validation, business validation, and Extended Validation certificates. Almost SSL certificates are divided into these three categories. Either you purchase single domain SSL, wildcard SSL or UCC/SAN SSL certificate, the validation process will be done by the certificate authority (issuer of a certificate) which is based upon its types.
Let us Have Brief Information about Each Type:
Domain Validation: It is ideal for single domain SSL and the certificate authority (CA) validates the ownership of a domain and issues the certificate.
Business Validation: In this type of certificate, the CA verifies the authenticity of a business listing and checks domain ownership, then issues the certificate to the applicant.
Extended Validation: Extended Validation (EV) bears the highest authentication and checking from certificate authority side. It checks the business listing in popular directories, domain ownership and includes phone verification too.
Besides, UCC/SAN, Code Signing, wildcard SSL are few certificates that have gained popularity in SSL industry. All these SSL certificates are called as price saving certificate that is ideal for those organizations who wants to save multiple domains and sub domains under a single SSL certificate. Hence, there will be no issue of multiple certificate management. The wildcard is ideal when unlimited sub domains need security under single SSL certificate. UCC/SAN SSL is the best to secure multiple domain names where Code Signing certificate is suitable to sign software code to avert malicious software download.
After revealing about SSL certificate, let us focus on the installation of SSL certificate on Joomla server. For any installation, you need to purchase SSL certificate from hosting provider (if they provide) or third party SSL provider. Where do you need CSR, Private Key, CA certificate and CA bundle once you get the certificate? So let us start from CSR creation for Joomla server.
Create CSR from Server:
CSR should be created on your server like Apache, IIS, and cPanel. CSR also provides a private key, which should be kept secretly. Your CSR may contain fields like Common name, country code, state, locality, organization unit, private key strength (2048-bit).
Once you create CSR from the server, you should proceed with the configuration process. Once the configuration is done, the certificate authority will issue the certificate.
Install SSL certificate:
You can get the certificate via email that should be sent from a direct certificate authority. The certificate should contain zip file. The zip file contains CA bundle and main certificate. Now, install SSL certificate depends upon server type like cPanel, IIS, Apache, Tomcat, Exchange server. To make SSL trustworthy, you should install root and intermediate certificate as well as name CA bundle.
Enable SSL on Joomla Website:
After installing SSL certificate on your desired server, it is time to enable SSL on Joomla website. The steps are as below.
- Go to System –> Global Configuration.
- Navigate to the Server tab.
- Set the Force SSL option to Entire Site, Administrator Only.
- Save settings.
You need to redirect webpages to HTTPS as it will not be automatically redirected. Use below command lines to redirect to HTTPS.
- Open the text editor and open the configuration.php file from the site and find below command:
- Replace above command with below command:
- Now go to .htaccess file and add below lines at the end of the file:
At last: Your website is now enabled with SSL certificate and all of your webpages of a website will be redirected to HTTPS- a secured connection.
Once you install SSL, you can check SSL installation with SSL checker to see if everything went well or not. SSL checker will give all certificate details like expiry, intermediate and root certificate installation, domain name, compatibility, etc.