Stablepoint Knowledge Base

Get all the help you need here.

SSL Certificates

Posted 29th April, 2019

SSL Certificates provide encryption and security, and should be enabled on every website.

What is an SSL Certificate?

An SSL certificate on your site gives you the padlock icon in your browser, and this encrypts communications between visitors to your site and the server.

Google is now giving sites without SSL certificates a warning in the browser so it is more important than ever to have an SSL certificate on your site.

Stablepoint SSLs

All sites/domains hosted by Stablepoint benefit from free automatic SSL Certificates. This includes all full domains, and all subdomains. We use the cPanel AutoSSL to offer this through one of two providers: LetsEncrypt and Sectigo. These SSLs are just as secure as any other SSL Certificate you can buy.

How to set up

As long as your domain or subdomain points to us (via the nameservers or A record) the system will request an SSL for the domain and install it automatically if it doesn't already have one. This process is transparent and requires no intervention from you.

Adding an SSL to a domain that has just been pointed can take a couple of hours. However, you can force the AutoSSL process in cPanel:

  1. Log into your cPanel control panel
  2. Click SSL/TLS status
  3. Tick the domains in question and click 'Run AutoSSL'.

The domain needs to be pointing to our servers for AutoSSL to function

Installing Third Party SSL Certificates

You may want to install a third party certificate (purchased elsewhere). This may be because it is organisation validated rather than domain validated.

Please note that installing your own SSL certificate will stop AutoSSL from working on your cPanel account. However, an AutoSSL certificate will replace your own third-party certificate should it expire.

To install your own SSL certificate.

  1. Log into cPanel
  2. Click SSL Hosts
  3. You can paste in your certificate here.

Forcing SSL on your site

As soon as your SSL is installed, you can request your website with both http:// and https://. However you may want to force users to the latter. To do so, you can add the following to your .htaccess file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This will redirect all requests for http:// to https:// but it is important that you only do this after your SSL is installed and working. If you're running a CMS like WordPress, it is also important to set the Site URL and Homepage in the wp-admin area to include the https://. This is important so that images and stylesheets and so on are loaded over https:// as well.