One of the best ways to secure your WordPress website is by adding an SSL certificate to your domain.

Installing an SSL certificate on your site’s domain was not only difficult but could also end up breaking your bank. This changed with the Let’s Encrypt open-source project that aims to automate the free installation of SSL certificates for everyone.

With this in mind, in this post, we’ll walk you through a step by step tutorial of installing a free SSL certificate on your WordPress site with Let’s Encrypt. We’ll outline how you can go about installing the SSL certificates through SiteGround’s cPanel and DreamHost’s control panel so you can follow whichever one is easiest for you.

Let’s put everything into context before we begin!

A Brief Overview of SSL

Have you ever noticed that some sites have an HTTPS prefix to their URLs instead of the traditional HTTP?

WP Mayor SSL certificate

We’re using an SSL certificate on WP Mayor.

Sites that require users to enter personal information such as credit card numbers, payment details, and login credentials need a Secure Sockets Layer (SSL) certificate. These certificates are used to prevent hackers from gaining access to the data that a website and its end user are passing to one another.

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. – SSL.com

The origin of SSL certificates can be traced back to 1996 when they were created to make the connection between a website and its end user more secure. A few years later, the original SSL certificates underwent improvements and were called Transfer Layer Security (TLS). Although we’re actually using TLS certificates today, they’re most commonly known by their original name, SSL certificates.

Let’s Encrypt.

Let’s Encrypt is a new Certificate Authority.

To move from an HTTP site to an HTTPS site you’ll need to install an SSL certificate acquired from a certified authority. In the past, these certificates cost money and typically required the site to be hosted on a Dedicated Server or a Virtual Private Server. All this changed with Let’s Encrypt. Let’s Encrypt is a free, automated, and open certificate authority provided by the Internet Security Research Group (ISRG).

As you can guess by now, adding an SSL certificate to your WordPress website is important – especially if your customers are entering personal information. Let’s Encrypt makes it easier than ever before to add an SSL certificate to your site. In the following section, we’ll walk you through a step by step tutorial on how you can add free SSL certificates to WordPress using Let’s Encrypt.

Adding Free SSL Certificates to WordPress

With Let’s Encrypt, webmasters can install SSL certificates on their site in a few easy steps. We’ll use Shell access to add a couple of lines of code and then we’ll install and run Let’s Encrypt’s Automatic Certificate Management Environment (ACME) client. By the time you’re done with this tutorial, an SSL certificate will be installed on your WordPress site, instantly!

The easiest way to install an SSL certificate on your site is to sign up with a hosting provider that offers this service in their package. Some of the most popular WordPress hosting providers are offering built-in SSL set up to their customers at no additional cost.

  • SiteGround. SiteGround lets customers install security certificates by Let’s Encrypt without any complicated configurations or validation emails. The certificates are automatically renewed and supported by all of the major browsers.
  • DreamHost. DreamHost’s DreamPress pre-installs an SSL certificate from Let’s Encrypt and gives their customers a private IP address that’s dedicated to their website.
  • Other Web Hosts. Most web hosting companies have a section in their documentation that explains how customers can install third-party SSL certificates on your domain. BlueHost and WP Engine let their customers know how they can do this.

Setting Up Free SSL on SiteGround

Step 1: Login to your website’s (hosted with SiteGround) cPanel.

SiteGround cPanel

Login to your SiteGround hosted website’s cPanel.

Step 2: Scroll down to the Security section of the dashboard and click on the Let’s Encrypt link.

Security > Let's Encrypt

Navigate to Security > Let’s Encrypt.

Step 3: In the following screen, scroll down to the Install new Let’s Encrypt Certificate section and enter your site’s details.

Domain name and email address.

Enter the site’s domain name and your email address.

  • Domain. The domain name where you would like to install the free Let’s Encrypt SSL certificate.
  • Email. Your email address.

Step 4: Click the Install button to continue.

That’s all there is to it. Let’s Encrypt will now issue an SSL certificate for the domain name you provided and you’ll receive a notification when it has successfully installed on your WordPress site.

Setting Up Free SSL With Let’s Encrypt on DreamHost

Step 1: Login to your website’s (hosted with DreamHost) web-based control panel.

Step 2: Navigate to Domains > Secure Hosting.

Step 3: In the following screen, click the Add Secure Hosting button to proceed.

Step 4: You’ll be prompted to select a domain from the drop-down list. Find your domain and click on it.

Step 5: Tick the box next to Signed Certificate in order to install the free SSL certificate from Let’s Encrypt.

Step 6: Click the Add now! button at the bottom of the screen.

Once you’re done, DreamHost will automatically set up your free SSL certificate from Let’s Encrypt and notify you when it is done installing.

Some Final Steps

Once you’re done installing the SSL certificate you’ll need to make a few more updates to your WordPress website to ensure everything functions smoothly. First off, we’ll show you how you can move your site from HTTP to HTTPS by updating its URLs. Next, you’ll have to update your site’s URLs in Google Analytics.

Updating WordPress URLs After Setting Up SSL

At this point, your website’s URL will still look something like this:

http://www.yoursite.com

This means that even though you’ve installed the SSL certificate, your site is still using the HTTP protocol. To start using your newly installed SSL certificate, you’ll have to make your site use the HTTPS protocol i.e. you’ll need to update the URLs of your WordPress website to look like this:

https://www.yoursite.com

Here’s how you can move WordPress URLs from HTTP to HTTPS:

New WordPress Sites

Step 1: Navigate to Settings > General from the WordPress dashboard.

Step 2: Update your site’s URL in the following two text boxes:

Update the URLs from HTTP to HTTPS.

Update the URLs from HTTP to HTTPS.

  • WordPress Address (URL)
  • Site Address (URL)

Step 3: Click the Save Changes button.

Existing WordPress Sites

If your site has been up and running for some time before you installed the SSL certificate then chances are your readers and visitors have been linking to its old URLs on their social media networks, blog posts, and elsewhere. Thankfully, WordPress offers a free plugin that lets you redirect your traffic to the new (HTTPS) URLs.

For existing site, install the Really Simple SSL plugin.

For existing site, install the Really Simple SSL plugin.

Install and activate the Really Simple SSL plugin. You don’t have to mess around with any configuration settings. Once the plugin is installed, it will automatically detect your installed SSL certificate and set up your site’s URLs.

Updating Google Analytics Settings

If you’re using Google Analytics then you’ll need to update your WordPress website’s URL from HTTP to HTTPS there, as well. Here’s how you can update it:

Step 1: Login to your site’s Google Analytics dashboard.

Step 2: Navigate to the Admin tab.

Navigate to Admin > Property Settings.

Navigate to Admin > Property Settings.

Step 3: Click on Property Settings under your website’s name.

Update the Default URL to https://.

Update the Default URL to https://.

Step 4: From the Property Settings screen, click on the drop-down list under Default URL and select https://.

Step 5: Click Save.

Wrapping It Up

While Let’s Encrypt is still in beta and undergoing significant changes, some web hosts have already started to allow their customers to install free SSL certificates on their domain. We showed you how you can install your very own certificate through SiteGround and DreamHost’s control panels without having to code. Be sure to try it out on your own!

Are you thinking about installing a free SSL certificate from Let’s Encrypt on your WordPress website? Get in touch by commenting below!

About Rafay Saeed Ansari

Rafay is an entrepreneur, computer scientist, professional writer for several high-traffic websites, and founder of Blogginc. He provides byline and ghost-writing services for digital and brick-and-mortar businesses with a focus on web development, WordPress, and entrepreneurship.