🔏Native SSL via ZeroSSL
Last updated
Last updated
ZeroSSL is not recommended as a free implementation; instead, use Let's Encrypt.
Only use ZeroSSL if you have a compelling reason such as being a commercial customer with a paid certificate.
Before you begin, make sure Port 443 is open and unblocked by any other application, firewall, or SELinux policies on your server.
We use ZeroSSL instead of Let's Encrypt as our native SSL implementation for a simpler and more streamlined integration.
ZeroSSL allows you to generate trusted certificates through an online wizard right on the front page of their site and download them to your desktop in a zip file:
To get started with ZeroSSL, enter your platform domain name, including subdomain, into the wizard right at the top of their website:
Walk through the wizard until you reach the Verification step.
Choose DNS CNAME for your Verification Method
Create a CNAME record on your DNS hosting provider and copy over the content from ZeroSSL:
Using Cloudflare for our example, we'll click Add record and select CNAME from the dropdown
Back on ZeroSSL click Next Step then Verify Domain:
Verified!
Download the zip file and you're done on the ZeroSSL website.
Now that you've authenticated your domain with ZeroSSL and downloaded the zip file, you're going to need to copy the zip ZeroSSL provided you with to your platform installation server:
Back on the server we're going to extract the archive:
You'll see the archive has extracted three files into the current directory:
Now we're going to combine two of the files into a new file using the cat command:
Copy our newly created file into the proper directory
Change directory to your platform installation :
Run the automated SSL conversion script:
Restart your platform:
You're done.
You should now be able to access your platform using https:// instead of http://
You'll need to log in again, as your previous non-SSL cookies are no longer valid.
Before ZeroSSL:
After ZeroSSL:
