Have questions about Flywheel’s Simple SSL feature? You’ve come to the right place!
1. What’s the cost for Simple SSL? Is it really free?
2. How does Simple SSL work? How is the certificate generated?
3. Why is Flywheel offering Simple SSL for free?
4. What’s the difference between Simple SSL and a “bring your own” certificate?
5. Will I need to renew my Simple SSL certificate?
6. How can I add Simple SSL to my site?
7. Can I switch from a paid “bring your own” certificate to Simple SSL?
8. How long does Simple SSL take to validate?
9. Can I force HTTPS site-wide with a Simple SSL certificate?
10. If I force HTTPS, will HTTP links still work? Will I need to update anything?
11. I forced HTTPS, but my site is still insecure and I don’t see the padlock icon. Why?
12. Can I get a refund for my 3rd party SSL Support fee if I switch to Simple SSL?
13. Can I add Simple SSL if I haven’t pointed DNS for my domain to Flywheel yet?
14. Can I have Simple SSL and a “bring your own” certificate active at the same time?
15. Can I use Simple SSL on a Staging site?
16. I’m having trouble with validation for Simple SSL. What do I do?
17. Can I install Simple SSL on a WordPress multisite?
18. Is Simple SSL compatible with Cloudflare?
19. Is Simple SSL compatible with Sucuri?
20. If I leave Flywheel, can I take my Simple SSL certificate with me?
21. If I’m using a CDN with custom URLs, can Simple SSL secure my assets?
Yep, it’s really free! Simple, right?
Simple SSL certificates are issued by Let’s Encrypt™, a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
We’ve configured our server software to communicate directly with Let’s Encrypt™, validate your cert and install it completely automatically!
We believe in the mission of Let’s Encrypt™ to make secure HTTPS encryption available to everyone, and we’re proud to be helping to lead that charge in the managed WordPress hosting world. (In other words, because we want to be awesome.)
Simple SSL gets you a fully valid SSL certificate you can use to encrypt your Flywheel site. It will work for everything from adding SSL for the slight SEO boost to encrypting customer information on an e-commerce store.
For more information on the specifics of the certificates we’re able to offer with Simple SSL through Let’s Encrypt™, click here.
However, “bring your own” certs do offer some added capabilities that Simple SSL doesn’t. Simple SSL cannot provide OV or EV (Organization Validated or Extended Validation) or wildcard certificates. So if you need one of those, you’ll still need to bring your own.
Nope! Although ordinarily Let’s Encrypt™ certificates do need to be renewed every 90 days, we take care of that for you automatically. So once Simple SSL is active, you don’t need to do anything at all. (So simple!)
Easy! you’ll find the “Enable SSL” link in Overview tab of your site’s Flywheel dashboard. For a full guide with all the steps, check out this help article: How do I add Simple SSL to my site?
Absolutely! Most sites will be just fine replacing their existing cert with Simple SSL, as long as you don’t need an OV, EV or wildcard cert.
You can edit your current SSL settings under the Domains list inside the Overview tab of the site’s Flywheel dashboard.
For full directions, see the help article: How do I switch from using my own SSL certificate to using Simple SSL?
As long as your domain is already pointed to Flywheel, the validation should happen automatically within about 10–15 minutes. Otherwise, validation may take up to 48 hours after your domain’s DNS settings are properly configured, though it’s usually much faster.
If your domain isn’t pointed to Flywheel yet, see the help article: How do I validate my domain for Simple SSL?
Absolutely! Once the cert is installed and activated, you’ll find the option to Force HTTPS in the Advanced tab of the site’s Flywheel Dashboard.
If you switch on “Force HTTPS” from the Advanced tab of the site’s Flywheel Dashboard as described above, we’ll redirect all HTTP traffic to HTTPS automatically at the server level. So yes, all HTTP links will still work, and you won’t have to change anything.
Forcing HTTPS changes the protocol of the overall page load, but it can’t affect certain site files and images. For that, we recommend the SSL Insecure Content Fixer plugin, which should force your existing assets (images and files) to load via HTTPS.
If that alone doesn’t solve the issue, there are likely HTTP links which are coded into the site’s content or files that will need to be updated manually.
You can identify specific assets which are loading insecurely using whynopadlock.com.
Once you know which assets are not loading securely, you can either simply change all instances of “http” to “https” for your site’s local links, or better yet, change all internal links to relative instead of absolute (e.g., instead of “mysite.com/images/picture.jpg”, just use “/images/picture.jpg”).
Note: external HTTP links to third-party services (like Facebook, Google or Twitter) cannot be secured by your site if they are not already HTTPS links, so it won’t be possible to get the green padlock on sites that rely on external, third-party HTTP links.
For more information on fixing insecure content, check out this help article: How to fix insecure content (and get the padlock in your browser’s address bar)
If you have more than 30 days remaining on your previously paid SSL Support add-on (if you paid annually, for example), we’ll be happy to issue a prorated refund for the remaining time on that subscription. Just contact us in the Flywheel app with that request once you’ve made the switch, and we’ll be happy to help.
We are not able to issue retroactive refunds or refunds for any existing SSL support add-on fees with 30 days or fewer remaining on the subscription. Apologies for any inconvenience.
No, that won’t work. Simple SSL is domain-validated, which means that in order to install a certificate on any given site, the domain needs to be pointing to that site.
To make this process as quick as possible, however, you can lower your domain’s TTL setting prior to going live, to a short duration like 5 minutes. (You’ll want to do this at least as far in advance as the old TTL setting. For example, if the domain’s current TTL is four hours, you’ll need to change it at least four hours before going live.) This will cause changes to propagate more quickly, allowing Simple SSL to be installed as soon after going live as possible.
Simple SSL and bring-your-own SSL Support cannot both be active, so you’ll have to pick between the two.
Simple SSL is available for Staging environments on Flywheel Cloud only.
Make sure you’ve taken the site live and that DNS is pointed properlyfor both the www and non-www version of the domain are pointing to your Flywheel site (just one of the two won’t be enough to validate). You can check your DNS settings using our handy DNS health checker.
If everything looks good but you’re still having issues, make sure Privacy Mode is toggled off in the site’s Flywheel dashboard.
If you’re still having issues with Simple SSL validation, please see How do I validate my domain for Simple SSL?
Absolutely! Please note that while Simple SSL has a multi-domain capability, it does not have wildcard capability at this time. If you have a subdomain style multisite, you’ll need to secure each subdomain individually with Simple SSL.
Yes! However, depending on how things are currently set up, you may need to reconfigure the SSL/TLS settings in Cloudflare’s dashboard.
In particular, Cloudflare’s “Flexible” SSL setting can create a redirect error when used in conjunction with Simple SSL. Disabling Cloudflare’s SSL altogether or switching it to the “Full” setting may be needed to ensure there are no conflicts or redirect loops.
For more information on configuring Cloudflare for use with Flywheel, check out this help article: How do I set up Cloudflare on Flywheel?
Absolutely! If you’re pointing your domain through Sucuri, please make sure that the Forward Certificate Validation to Hosting setting is enabled. If it is not, this will prevent Simple SSL from validating.
Thanks for the purely hypothetical question. ;) Simple SSL certs are not transferable to other servers, and due to the managed nature of Simple SSL, we do not provide the certificate or key file. However, you may be able to set up a new Let’s Encrypt™ certificate on the new server.
Sorry, no. Simple SSL is not compatible with custom CDN URLs, but we’ll hopefully be able to offer that capability down the road. In the meantime, CDN works just fine with Simple SSL using default CDN URLs.
New to Flywheel? Start here, we've got all the information you'll need to get started and launch your first site!
How to migrate your site to Flywheel using Flywheel Migrations
How do I go live on Flywheel?
What is a demo site?
Learn all about managing your Flywheel user account, Teams and integrations.
Your role as a collaborator
How do I transfer a subscription to/from an Organization?
What is a collaborator in Flywheel?
Everything about billing, invoices and payments can be found here.View all
Flywheel hosting plans include a ton of great features. Learn about how to get a free SSL certificate, set up a staging site, and more!
Deploying to Flywheel via SSH and GitHub Actions
How do I get started with Staging?
Backups on Flywheel
All the server and setting info you'll need to help you get the most out of your Flywheel hosting plan!
Connecting to Flywheel’s SSH Gateway
Can I access my Flywheel site via SSH?
Can I get access to my database?
Tips and tricks for managing your sites on Flywheel, including going live, troubleshooting issues and migrating or cloning sites.View all
Learn how to connect, deploy, and more with SSH on Flywheel's platform.
Using SSH tunneling to access your site’s database
Deploying to Flywheel via SSH and GitHub Actions
Connecting to Flywheel’s SSH Gateway