Installing Free SSL For Your WooCommerce Site Via CloudFlare

2
529 views
installing-free-ssl-via-cloudflare

When it comes to building an online store, there are many costs to spend. And security is an important issue that you don’t have to pass by. The average cost to buy an SSL certificate ranges from $30 to $300. Luckily, CloudFlare service has recently provided Free SSL to help everyone install that security method for free. We don’t have to install any other applications on hosting server but using CloudFlare only to activate the SSL protocol.

Everything You Need to Know Before Using SSL

  • When using SSL, your website will use the HTTPS protocol with a path that has a blue padlock.
  • Your website will load slower if Full SSL is set because it must encode when sending/receiving data.
  • If using Full SSL, when you transfer to another host, you have to restart.

Details about CloudFlare SSL Types

Flexible SSL
You don’t need to have an SSL certificate on your server but your visitors still see the green lock icon in their browsers.In addition, information between your visitor and CloudFlare will be encrypted. However, there is no secure connection between your server and CloudFlare.
Full SSL
Both connections between your visitor and CloudFlare and between CloudFlare and your Server is secured. This option requires you to have an SSL certificate on your server. However, CloudFlare does not verify the authenticity of that certificate, you can create a self-signed one.
Full SSL (strict)
Information is encrypted between your visitors and CloudFlare, and from CloudFlare to your server. You will need an SSL certificate that has to be validated and must be signed by a trusted certificate authority.
How to install SSL via CloudFlare?
In order to install SSL for free, you need to setup CloudFlare for your WordPress site. After that, everything is simple than ever.

How to Install Full SSL using CloudFlare Certificates?

You can set Full SSL so that the data you send to CloudFlare or from CloudFlare sent is encrypted more securely. In this article, we will cover how to use SSL issued by CloudFlare instead of private SSL certificates.

Step 1. Choosing SSL Option

In the Crypto folder, you choose Full SSL or Full SSL (strict)

free-SSL

Step 2. Creating a Certificate on CloudFlare

Crypto >> Origin Certificates >> Create Certificate >> Let CloudFlare generate a private key and a CSR >> Next

free-SSL

You should save two information Origin Certificate and Private Key in order to use in the next steps.
And then you just need to wait for CloudFlare to validate your certificate. It may take a half an hour or more.

Step 3. Installing Certificate on your Server

Depending on which web server you are doing -Nginx or Apache, there is a different way to install.

Nginx

First, you save the Origin Certificate content to certificate.pem file and upload to the server.

Next, save the Private key in cert_key.pem file and upload it to the server.

Now, you can configure SSL for NGINX and modify the configuration in NGINX as follows:

MARKDOWN_HASH520c6525752fa0ebcf8237932c644833MARKDOWN_HASH

:The path to the created certificate.pem file.

MARKDOWN_HASH479d41ed584bbde74fdf7165d48fec6fMARKDOWN_HASH

:The path to the created cert_key.pem file.

Here is an example of SSL setting up on NGINX:

server {
listen 80;
listen 443;
ssl on;
ssl_certificate /path/to/certificate.pem;
ssl_certificate_key /path/to/cert_key.pem;
server_name your.domain.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /home/www/public_html/your.domain.com/public/;
index index.html;
}
}

You can do the same on any operating system, regardless of the script (if used), because it simply sets the path to the certificate files for accuracy.

Apache

First, you save the Origin Certificate content to certificate.pem file and upload to the server.

Next, save the Private key in cert_key.pem file and upload it to the server.

Then configure SSL for Apache, and modify the configuration as follows:

MARKDOWN_HASH06f8620ef84509dcf5dbbe2fdf02a1beMARKDOWN_HASH

:The path to the created certificate.pem file.

MARKDOWN_HASHf1b49a6e324288dd2e33d0a4b0b24ea9MARKDOWN_HASH

:The path to the created cert_key.pem file.

For example:

<VirtualHost 192.168.0.1:443>
DocumentRoot /var/www/html2
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/certificate.pem
SSLCertificateKeyFile /path/to/cert_key.pem
</VirtualHost>

And then, restart Apache:

# CentOS/RHEL/Fedora
service httpd restart
# Ubuntu/Debian
service apache2 restart

Activate SSL for WordPress

And finally, after activating SSL successfully, installing Really Simple SSL plugin to help your site change into HTTPS protocol automatically and SSL Insecure Content Fixer plugin in order to avoid white or yellow HTTPS color errors.

Conclusion

Through on this article, you have already known how to install free SSL via CloudFlare. If you have any difficulty in any step, don’t hesitate to ask us on the comment bellow.

Read More: YITH Essential Kit for Woocommerce

Leave a Reply

2 Comments on "Installing Free SSL For Your WooCommerce Site Via CloudFlare"

Notify of
avatar
Sort by:   newest | oldest | most voted
fredson
Guest

Great post , Thanks for your effort ,,, I’m much thankful

wpDiscuz