How to enable SSL for Magento

This article describes how to enable SSL for a Magento site. As an e-commerce provider, you should use SSL to help protect customer data and transactions.

Enabling SSL for Magento

Use one of the following procedures for your version of Magento.

Magento 2

To enable SSL for Magento 2, follow these steps:

1. Log in to Magento as the administrator.
2. On the left sidebar, click STORES, and then click Configuration.
3. Under GENERAL, click Web.
4. Click Base URLs (Secure).
5. To make all storefront pages accessible only when using SSL, in the Use Secure URLs on Storefront list box, select Yes.
   By default, Magento uses SSL for all pages where customers must submit sensitive information (for example, registration and login pages). When this option is enabled, SSL is required for all store pages.
6. To make the administration interface accessible only when using SSL, in the Use Secure URLs in Admin list box, select Yes.
   For enhanced security, Webhost.Berlin strongly recommends that you require SSL for the administration interface.
7. Click Save Config. SSL is now enabled for Magento.

Magento 1.9

To enable SSL for Magento 1.9, follow these steps:

1. Log in to Magento as the administrator.
2. On the top menubar, click System, and then click Configuration.
3. On the left sidebar, under GENERAL, click Web.
4. Click Secure.
5. To make all storefront pages accessible only when using SSL, in the Use Secure URLs in Frontend list box, select Yes.
   By default, Magento uses SSL for all pages where customers must submit sensitive information (for example, registration and login pages). When this option is enabled, SSL is required for all store pages.
6. To make the administration interface accessible only when using SSL, in the Use Secure URLs in Admin list box, select Yes.
   For enhanced security, Webhost.Berlin strongly recommends that you require SSL for the administration interface.
7. Click Save Config. SSL is now enabled for Magento.

Using Let's Encrypt with Magento

Using an SSL certificate from a recognized Certificate Authority is recommended for best results when enabling SSL for Magento. Let’s Encrypt is a free, automated, and open certificate authority and is recognized by most modern browsers. Let's Encrypt is supported for all new Webhost.Berlin accounts and certificates may even be generated automatically for immediate use. For details regarding Let's Encrypt for your account type, please see the Related Articles below.

More Information

To view the offical Magento documentation, please visit https://magento.com/help/documentation.

Related Articles

• Introduction to SSL

  What is SSL, and why would I use it? If you have never worked with SSL certificates before, we recommend you start here.

• Optimizing Magento

  Learn how to optimize your Magento site in this article.

• Securing a cPanel-enabled account with a Let’s Encrypt SSL certificate

  Your cPanel-enabled account can be configured to automatically generate, install, and renew valid SSL certificates. Learn more here.

• Securing a semi-managed server with a Let’s Encrypt SSL certificate

  Learn how to automatically generate and install a valid SSL certificate on a semi-managed server using Let’s Encrypt.

• Differences between Let’s Encrypt certificates and traditional CA-issued certificates

  Let’s Encrypt certificates provide a new and easy way to create and install SSL certificates. However, they are not suitable for all situations. Learn more here.

• Generating and renewing Let’s Encrypt SSL certificates in Plesk

  Learn how to create and maintain Let’s Encrypt SSL certificates for your site by using Plesk.