Activate SSL Immediately – HTTPS Is Mandatory Today

This guide shows you why HTTPS is mandatory for every website and how to activate it immediately with a free Let's Encrypt certificate. An encrypted connection protects your visitors' data and is rewarded by Google with better rankings.

Note: Detailed subpages on SSL/TLS and web server configuration can be found in the left navigation.

Why HTTPS Is Mandatory Today

• Trust: Visitors see the lock icon in the address bar – if it's missing, many will leave
• SEO: Google ranks HTTPS pages higher than pure HTTP pages
• Browser warnings: Chrome and Firefox actively warn about unencrypted pages with "Not secure"
• Privacy: Without HTTPS, third parties can read passwords, credit card details and personal messages
• HTTP/2: Modern performance features like HTTP/2 only work with HTTPS

Activating SSL at NexoraHost

Webspace with Plesk

1. Log in to Plesk
2. Go to Websites & Domains → SSL/TLS Certificates
3. Click Install Free Certificate
4. Select your domain and enable Redirect from HTTP to HTTPS
5. Click Install
6. Your website is immediately accessible via https://

VPS / Root Server with Nginx

# Install Certbot
sudo apt install certbot python3-certbot-nginx -y

# Create certificate and automatically configure Nginx
sudo certbot --nginx -d your-domain.com -d www.your-domain.com

# Test automatic renewal
sudo certbot renew --dry-run

VPS / Root Server with Apache

# Install Certbot
sudo apt install certbot python3-certbot-apache -y

# Create certificate and automatically configure Apache
sudo certbot --apache -d your-domain.com -d www.your-domain.com

# Test automatic renewal
sudo certbot renew --dry-run

Redirect HTTP to HTTPS

Nginx

server {
    listen 80;
    server_name your-domain.com www.your-domain.com;
    return 301 https://$server_name$request_uri;
}

Apache (.htaccess)

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

Automatic Certificate Renewal

Let's Encrypt certificates are valid for 90 days. Certbot automatically sets up a cronjob that renews the certificates:

# Check if the automatic renewal timer is running
sudo systemctl status certbot.timer

# Manually renew (if needed)
sudo certbot renew

# Show all registered certificates
sudo certbot certificates

Check After Activation

1. Go to your website with https:// – the lock icon must appear
2. Go to your website with http:// – you must be automatically redirected to HTTPS
3. Check your certificate at ssllabs.com/ssltest – goal: Rating A or better

Common Problems

Certificate cannot be created:

• Does the domain point to your server? Check the A record in DNS
• Is port 80 open in the firewall? Let's Encrypt checks the domain through it
• Is the web server running? sudo systemctl status nginx

Mixed Content:

• Your page loads resources (images, CSS, JavaScript) still over HTTP
• In WordPress: Change the URLs to HTTPS under Settings
• In the database: Update old HTTP links with a search-replace tool

SSL certificate expired:

• Check the Certbot timer: sudo systemctl status certbot.timer
• Manually renew: sudo certbot renew
• For problems: Delete certificate and create a new one

Detailed guides on SSL/TLS and web server configuration can be found in the articles in the left navigation.