Yep, it’s really free! Simple, right?
Simple SSL certificates are issued by Let’s Encrypt™, a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
We’ve configured our server software to communicate directly with Let’s Encrypt™, validate your cert and install it completely automatically!
We believe in the mission of Let’s Encrypt™ to make secure HTTPS encryption available to everyone, and we’re proud to be helping to lead that charge in the managed WordPress hosting world. (In other words, because we want to be awesome.)
Simple SSL gets you a fully valid SSL certificate you can use to encrypt your Flywheel site. It will work for everything from adding SSL for the slight SEO boost to encrypting customer information on an eCommerce store. For more information on the specifics of the certificates we’re able to offer with Simple SSL through Let’s Encrypt™, click here.
However, “bring your own” certs do offer some added capabilities that Simple SSL doesn’t. Simple SSL cannot provide OV or EV (Organization Validated or Extended Validation), multi-domain or wildcard certificates. So if you need one of those, you’ll still need to bring your own.
Nope! Although ordinarily Let’s Encrypt™ certificates do need to be renewed every 90 days, we take care of that for you automatically. So once Simple SSL is active, you don’t need to do anything at all. (So simple!)
Easy! you’ll find the button in the add-ons tab of your site’s Flywheel dashboard. For a full guide with all the steps, check out How do I add Simple SSL to my site?
Absolutely! Most sites will be just fine replacing their existing cert with Simple SSL, as long as:
Simple SSL doesn’t cover those special circumstances, but as long as those don’t apply to your site, you can simply edit your current SSL settings under the Domains list inside the Overview tab of the site’s Flywheel dashboard.
For full directions, see How do I switch from using my own SSL certificate to using Simple SSL?
As long as your domain is already pointed to Flywheel, the validation should happen automatically within about 10–15 minutes. Otherwise, validation may take up to 48 hours after your domain’s DNS settings are properly configured, though it’s usually much faster.
If your domain isn’t pointed to Flywheel yet, see How do I validate my domain for Simple SSL?
Absolutely! Once the cert is installed and activated, you’ll find the option to Force HTTPS in the Advanced tab of the site’s Flywheel Dashboard.
If you switch on “Force HTTPS” from the Advanced tab of the site’s Flywheel Dashboard as described above, we’ll redirect all HTTP traffic to HTTPS automatically at the server level. So yes, all HTTP links will still work, and you won’t have to change anything.
Forcing HTTPS changes the protocol of the overall page load, but it can’t affect certain site files and images. For that, we recommend the SSL Insecure Content Fixer plugin. Just install and activate that, and it should force your existing assets (images and files) to load via HTTPS. (You can also configure the plugin to the level of strictness you prefer.)
If that alone doesn’t solve the issue, there are likely HTTP links which are coded into the site’s content or files that will need to be updated manually.
You can identify specific assets which are loading insecurely using whynopadlock.com.
Once you know which assets are not loading securely, you can either simply change all instances of “http” to “https” for your site’s local links, or better yet, change all internal links to relative instead of absolute (e.g., instead of “mysite.com/images/picture.jpg”, just use “/images/picture.jpg”).
Note that external HTTP links to third-party services (like Facebook, Google or Twitter) cannot be secured by your site if they are not already HTTPS links, so it won’t be possible to get the green padlock on sites that rely on external, third-party HTTP links.
If you have more than 30 days remaining on your previously paid SSL Support add-on (if you paid annually, for example), we’ll be happy to issue a prorated refund for the remaining time on that subscription. Just contact us in the Flywheel app with that request once you’ve made the switch, and we’ll be happy to help.
As Simple SSL is a newer feature, however, we are not able to issue retroactive refunds, or refunds for any existing SSL support add-on fees with 30 days or fewer remaining on the subscription. Apologies for any inconvenience.
Third-party SSL certificates still require significant setup, support, and maintenance. We manage everything around bring-your-own SSL certificates, but we don’t have the luxury of controlling the certificate itself. This means that the installation, activation, and other logistics of SSL need to be handled carefully and manually.
In addition, we help troubleshoot any issues that may arise from having an active third-party SSL certificate installed on the site, and help make sure things are always properly set up to run smoothly with the site and all its features, which often requires a significant degree of support.
Simple SSL covers basic, fully functional SSL certificates for a single domain, which should be sufficient for most sites. However, multi-domain, wildcard, and OV/EV (Organization Validated/Extended Validation) certs are not available with Simple SSL at this time.
This means Simple SSL is not viable with multisite, or in other situations where you might need certificates with these added features.
No, Simple SSL can only be activated once per site, and only on one of the site’s domains. You can change the cert’s domain, however, so if you want to enable Simple SSL on your temporary domain for now and switch it to your main domain once you’ve taken your site live, that’s no problem.
For more on how to do that, see How do I change the domain of my Simple SSL certificate?
No, Simple SSL is domain-validated, which means that in order to install a certificate on any given site, the domain needs to point to that site. This is the type of verification required.
To make this process as quick as possible, however, you can lower your domain’s TTL setting prior to going live, to a short duration like 5 minutes. (You’ll want to do this at least as far in advance as the old TTL setting. For example, if the domain’s current TTL is four hours, you’ll need to change it at least four hours before going live.) This will cause changes to propagate more quickly, allowing Simple SSL to be installed as soon after going live as possible.
You bet! Simple SSL only covers one domain at a time, but you can change that domain whenever you like. For details on how to do that, see How do I change the domain of my Simple SSL certificate?
At this time, Simple SSL and bring-your-own SSL Support cannot both be active, so you’ll have to pick between the two.
No, Simple SSL is not available for use with our Staging feature at this time.
If you’re validating by pointing your domain to Flywheel, make sure you’ve taken the site live, that DNS is pointed properly, that both the www and non-www version of the domain are pointing to your Flywheel site (just one of the two won’t be enough to validate), and that the temporary password is toggled off in the site’s Flywheel dashboard. (You can check your DNS settings using our handy DNS health checker.)
Otherwise, or if you’re still having issues with Simple SSL validation, please see How do I validate my domain for Simple SSL?
Simple SSL is not available with multisite at this time.
Yes! However, depending on how things are currently set up, you may need to reconfigure the SSL (“crypto”) settings in Cloudflare’s dashboard. In particular, Cloudflare’s “Flexible” SSL setting can cause issues. Either disabling Cloudflare’s crypto SSL altogether or switching it to the “Full (strict)” level may be needed to ensure there are no conflicts or redirect loops.
In addition, you’ll want to make sure Cloudflare’s crypto SSL is turned off when attempting to validate your domain for Simple SSL, since validation will fail if Cloudflare attempts to connect to the site via HTTPS.
Sorry, no. Simple SSL is not compatible with custom CDN URLs at launch time, but we’ll hopefully be able to offer that capability down the road a bit. In the meantime, CDN works just fine with Simple SSL with the default CDN URLs.
Thanks for the purely hypothetical question. ;) Simple SSL certs are not transferable to other servers, and due to the managed nature of Simple SSL, we do not provide the certificate or key file. However, you may be able to set up a new Let’s Encrypt™ certificate on the new server.
Questions relating to payments, billing and managing your account on Flywheel.14 Articles
Learn everything there is to know about what Blueprints are, how to create them and how to make the best use of them.5 Articles
How to access your WordPress database to make changes and update content.3 Articles
Details about how to manage DNS and point your domain names at Flywheel.14 Articles
The most commonly asked questions, and a few we just think you should know.26 Articles
Questions that don't fit elsewhere, or those about Flywheel in general.58 Articles
Everything you need to know to get your first Flywheel site up and running.16 Articles
Everything you need to know about our amazing, free local WordPress development software for Mac and PC.15 Articles
Everything you need to know about managing your team with our Organizations feature.8 Articles
Which plugins work best, which plugins work worst, and everything in between.7 Articles
Details about everything Flywheel does to makes your site so secure.15 Articles
Information on setting up and troubleshooting with SFTP connections and file transfers.5 Articles
All there is to know about our free, automatically installed and activated SSL certificates.9 Articles
How to get the most out of Staging, which allows you to duplicate a site, make changes, and then push those changes to the live site.6 Articles
Everything you need to know about our Whitelabel subscriptions for branding and reselling Flywheel.4 Articles