This page will be amended.

Getting an SSL certificate

There are a small amount of universally recognized SSL signing authorities.

However they have dozens of resellers who resell the same certificates cheaper as if you buy them from the source.

So shop around a little.

You may also buy the certificate directly from your hosting company, for convenience.

In many cases you only need a "DV" certificate which is certified to be issued to the owner of the domain (but which does not certify who the owner of the domain is).

Installing the certificate on the server

If you buy your certificate from you hosting company, then installation may be automatic.

Otherwise you will need to follow a procedure like this:

• Generate a private key on your server
• Generate a certificate signing request (CSR) based on that private key
• Send this CSR to the signing authority
• Get back a certificate
• Install that certificate on your webserver
• Tell Apache to use that certificate on SSL connection (port 443)
• Restart Apache

If you see the warning:

[warn] _default_ VirtualHost overlap on port 443, the first has precedence

…when restarting apache you probably need to add NameVirtualHost *:443 to your /etc/apache2/ports.conf file (and restart apache again).

Testing the certificate

Before trying to use https with b2evolution, try to securely load a static image via https to validate that the certificate works.

For example try: https://your-awesome-domain.com/rsc/img/b2evolution8.png

Does the image appear with the SSL lock icon?

Enabling HTTPS for b2evolution

If you are switching all your site, change the Base URL ($baseurl).

If you need more granular control over what is going to be http or https, see Collection Base URL Panel.