Article

  • 9 years

    4 years

    YetiShare / Core

    8622

How to enable ssl (https)

To enable ssl/https on your installation you first need to purchase a certificate from your webhost. This involves generating a CSR (certificate request) which is sent to your webhost who then returns your CRT (certificate). Follow the guidance from your webhost on how to best install this on your server.

Once the certificate is installed correctly you'll see your site shows on https, although all the css, images, js etc will still be on http. In order for the script to work you'll need to update the _config.inc.php.

  • In the root find _config.inc.php.
  • Open for editing.
  • Find:
define("_CONFIG_SITE_PROTOCOL",      'http');
  • Replace with:
define("_CONFIG_SITE_PROTOCOL",      'https');
  • Save and re-upload the _config.inc.php file to your site.


Force HTTPS

If you're using Apache you can force all traffic via https so when a visitor goes to http it'll automatically redirect to https. Add the following on a new line after "RewriteEngine On" in your .htaccess file:

RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]