How to enable SSL (HTTPS) for Magento 2


SSL protection of online store has been considered seriously by Google and become the standard procedure in the e- commerce field. Customers’ security is protected during their sign up, using their credit card and entering their personal information by encrypting all the data. Google treats this issue seriously so that it was not surprising to be announced as a ranking factor in 2014. Transformation to HTTPS is believed to improve the credibility of the online stores. However, there are still buzz heard in the SEO community so that not every web owners immediately switch to HTTPS. Even after switching to HTTPS, its effectiveness is still controversial as it is claimed to be able to either improve or drop the site ranking. there are some sites even do not recognize any changes in  sites ranking. However, in overall, having SSL activated for your online store will still attract more clients as the HTTPS link provides customers with the feeling of trust.

You may interest:

Magento 2 e-commerce package is designed to provide fast and secure hosting environment, in this Magento tutorial we will learn how to enable SSL (Secure Sockets Layer) HTTPS for Magento 2.

How to get a free SSL

Normally, you can get an SSL for your domain via purchase at an SSL seller which you can easily find via internet. However, there is a free SSL provider

Let’s Encrypt is a free SSL provider run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG), sponsored by many reputed companies.

Enabling SSL in Magento

Before enabling SSL in Magento, you have to check carefully to make sure the web server is configured properly. Open any static file through HTTP, in example:

If the file is shown in the browser without any certificate warnings, we can proceed to setup SSL for Magento.

SSL certificates create and encrypt link between a server and the clients. Functioning SSL allows users to transmit sensitive personal information without the fear of eavesdropping by the third party. SSL certificates use a public and a private key, which is created as server’s operators initiate a CSR, in conjunction to encrypt data. The certificate also contains domain name as well as the hosting company’s name and location.

Once you have purchased your SSL certificate, you can enable HTTPS for your store using dashboard or SSH.

1. Enable SSL in Backend

Step 1:


Login to your Magento 2 back end dashboard.

On the Admin sidebar, navigate Stores > Configuration > General >Web.

Step 2:

base url

Explore the Base URLs (Secure) section.

  • In the Secure Base URL section, enter “https://” and followed by your domain.
  • In the User Secure URLS in Storefront drop-down list, select the option Yes.
  • In the Use Secure URLs in Admin drop-down list, select the option Yes.

Click Save Config. on the upper right corner to save all the process.

Your online store is configured to use your SSL certificate now.

2. Enable SSL certificate using SSH

Step 1:

In your server command interface.

Change directory to your Magento installation as follow:

Step 2:

Select one but replace all bracketlet placeholders accordingly:

  • Enable secure URLs in both the front end and admin backend only areas of the store:

  • Enable secure URLs in the back end section only:

After enabling the SSL in Magento store, you need to clear all Magento cache. In the Admin sidebar, go to System > Cache Management and click on Flush Cache Storage button.

3. Set up 301 redirect from HTTP to HTTPS

The redirect from HTTP to HTTPS can be done by Magento configuration but we should use server redirection to reduces hardware consuming.

In order to do it, you can follow this instruction:



In order to apply the changes, your server needs rebooting.

For apache run the following command:

For Nginx

Possible issues in enabling process

After enabling HTTPS, the URL bar may not turn to green as you expected, this is due to not all of the URLs on your sites were changed to HTTPS as some js or image files are still being loaded using HTTP protocol. Inorder to prevent that issue, you have to check all the URLs that are running under HTTP all over your website and change them to HTTPS, for example, some internal links in your content still using HTTP or some Js and Image files still contain HTTP in their URL, this will be a time-consuming task, you need to carefully check and fix all URL to get a green status on URL bar.

After switching your Magento store to HTTPS

Social signals

After switching your sites to HTTPs, some social shares will be transferred via API over time, some will not. Google Plus shares count transfers moat of the time without any loss. On Facebook, in contrast, likes counts never return.

Marketing and SEO tools

Despite the fact that there are an increasing number of sites switching to HTTPs, not all the tools are already available for that as some of them neither show redirect or Alexa rank nor generate XML sitemap.

Frequent checking

It is the dark forest for the period right after the switching process. You would never know what is happening after all. Frequent checking is crucial in this period. You should check as many time as possible to ensure goals in Google Analytics are tracked properly and your AdWords traffic is still remained, etc. As checking frequently, you can identify any problems and fix them right away.

Tricky ranking

When it comes to Google, it is nearly impossible to forecast the outcome of your actions, especially for the serious and significant change as switching to HTTPs. Google set it as a ranking factor so that we can expect the action will boost our ranking although things can be much more sophisticated in reality. It is more likely that your ranking will drop for several times. This period may last for few days or even more before you can see any improvement. We have to keep in mind that rankings depend on numerous factors and hence it is difficult to predict actions’ influence on them.

As you will have to switch to HTTPs sooner or later, prepare yourself for this fluctuation in ranking.

How to enable SSL (HTTPS) for Magento 2
5 (100%) 1 vote


About Author

Daniel is a Magento developer with 5 years of experience with customizing Magento extensions, Magento templates. He's main author at Magento explorer


  1. Hi,
    I have a problem with setting this up with old URL Rewrites..

    It’s almost as the rewrite have to be done before the http -> https redirect.
    Otherwise the redirect won’t work.

Leave A Reply