Menu

Simple SSL on Flywheel

Updated on March 13th, 2024

SSL stands for Secure Sockets Layer, and is the technology that keeps internet connections secure and safe from prying eyes. It is used on all ranges of sites, but is particularly useful when doing things like online banking, eCommerce, or any type of internet transaction where personal information is shared.

Simple SSL is Flywheel’s free offering for a secure sockets layer to be added to your site!



The basics of Simple SSL

Flywheel’s Simple SSL feature is a fully automatic 100% free SSL certificate, installed and activated in minutes! 

To make this possible, we’ve partnered with Let’s Encrypt™, a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG). This allows us to generate, install, activate, and renew certificates for your sites automatically and for free – right from your site’s Flywheel dashboard!

Note

Simple SSL cannot generate a wildcard certificate nor an OV/EV (Organization Validated/Extended Validation) certificate. If your site requires one of these special types of SSL certificate, you’ll still need to bring your own.

Enable Simple SSL

Follow the steps below to enable Simple SSL on your site!

Step 1: Navigate to the site’s dashboard

  1. From the main menu, click Sites.Sites tab in Flywheel dashboard
  2. From your site list, click on the site you’d like to enable Simple SSL on.Site list in Flywheel dashboard

Step 2: Find the appropriate domain and Enable SSL

  1. On the Domains card, hover over the three-dot menu next to the domain you want a certificate for and then select Add SSL Certificate.

Step 3: Select the domains you’d like to secure

  1. Select “Yes, use Simple SSL”.
  2. Select any or all of the domains by checking the appropriate box. Keep in mind that DNS for every domain selected will need to be pointed properly to the Flywheel site’s IP address, or Simple SSL installation will fail for those domains.
  3. You can view the DNS status of each domain on the domain selection screen. For example, in the image below, you can see that the first two domains have been verified by our DNS checker as having been correctly pointed to the Flywheel IP, indicated by the green checkmark.

Note

Simple SSL supports up to 50 domain names per certificate. If your site has more than 50 domains please reach out to our friendly Happiness Engineers!

Simple SSL does not yet provide the ability to secure wildcard domains. If you’d like to secure subdomains, you’ll want to do so by adding each subdomain individually to the Simple SSL certificate. You may also bring your own SSL certificate to Flywheel to secure wildcard domains. For more information check out this help doc.

Step 4: Review domains that failed the DNS check

  1. Any domains that are not pointed to Flywheel will show an orange warning icon. Double-check the DNS settings for this domain (a DNS checker tool can be helpful), and then click the Check DNS Again button to retry.
  2. Once you’re satisfied with the results of the DNS check, click that green Complete SSL Setup button, and our system will get to work installing SSL for you!
  3. It can take up to 30 minutes to fully install the SSL certificate. You’ll receive an email from Flywheel when your domains are secured.

Note

If you are pointing DNS via a proxy, like Cloudflare or Sucuri, the Flywheel DNS checker will not be able to confirm that DNS is pointed to Flywheel. If you are sure that DNS is set up correctly, feel free to ignore this warning.

If you’re pointing your domain through Sucuri, please make sure that the Forward Certificate Validation to Hosting setting is enabled to ensure validation.

Step 5: Verify SSL status

  1. The SSL Status column will display the certificate type for each domain or the Not Enabled status for domains not yet covered by a certificate.
    SSL Status in Flywheel dashboard
  2. A lock and shield emblem will display on your site’s thumbnail image, signifying that the primary domain on the Flywheel site is secured by SSL.
    Padlock icon

 


Secure a secondary domain with Simple SSL

If you’ve added a secondary domain to your site and you want to secure the domain, Simple SSL has got you covered!

Step 1: Enable SSL for insecure domains

From your domains list, you can edit the Simple SSL certificate to add the domain(s).

  1. On your site’s dashboard, navigate to the Overview tab.
  2. On the Domains card, locate the secondary domain, hover over the three-dot menu, and select Add SSL Certificate.Add SSL on secondary domain

Step 2: Confirm the domains you want to secure

You’ll see a list of all the domains on the site and their current SSL status. You can select additional domains here.

  1. Check the boxes for the domain(s) you want to secure.
  2. Click Complete SSL Setup.

Note

If your secondary domain isn’t pointing to Flywheel yet, you may see this message. Your domain may still be propagating, or you may need to adjust your DNS settings. You can still attempt to complete the SSL setup, but it may fail. Attempts are rate limited to 3 per hour.

Step 3: Sit back and relax while Simple SSL is installed

  1. That’s it! You’ll see a message in your dashboard like this:
    Simple SSL usually takes between 20 minutes to an hour to install. If your domain still isn’t secure after that time, try clearing your browser cache, or check your email – if Flywheel was unable to install the certificate, you’ll get a message with next steps.

Simple SSL and eCommerce

Simple SSL provides you with a domain validated SSL certificate issued through Let’s Encrypt™. If you’re wondering whether the level of security and encryption provided by a Simple SSL certificate is sufficient for an eCommerce site: the short answer is, “Yes.”

The long answer, however, is slightly more nuanced.

While the level of encryption that a domain validated SSL certificate offers is sufficient for just about any application, any time that you plan on handling sensitive user information such as credit card or bank account information on your website, it’s advisable to instead purchase an OV (Organization Validated) or, even better, an EV (Extended Validation) SSL certificate from a third-party provider rather than use a domain validated certificate.

There are two reasons for this recommendation:

First, Let’s Encrypt™ certificates do not carry any warranty or guarantees. Generally, OV and EV certificates purchased from third-party providers come with an extensive warranty and often even insurance in the unlikely event that anything goes wrong with the certificate.

Second, OV and EV certs carry a higher level of trust. Since anybody can get a domain validated certificate, these certs don’t do much to prevent spoofing. While they do encrypt user data, they don’t guarantee your users anything about the authenticity of your site or organization.

By contrast, OV and EV certs require much more than just a domain to obtain. There’s actually a strict vetting process that goes along with purchasing these certificates. Your site’s users can put a higher level of trust in your site knowing that it has one of these certificates. This is particularly true of an EV certificate, as it will have the green organization bar in the browser in addition to the standard padlock, such as on Target’s eCommerce site:

evcert

Again, just to reiterate: the level of encryption in a domain validated Simple SSL certificate itself is sufficient. Strictly speaking, you don’t need more than a regular domain validated certificate. There are many eCommerce sites that use them. But running a site that handles extremely sensitive user information isn’t a responsibility to take lightly, which is why we recommend the extra layer of security provided with an OV or, ideally, an EV cert whenever possible.


Switch from a 3rd party SSL to Simple SSL

If you have a third-party SSL certificate installed on Flywheel and would like to switch to using our free Simple SSL powered by Let’s Encrypt™, just follow these steps!

Note

Let’s Encrypt™ certificates are domain validated. Higher validation like OV (Organization Validation) and EV (Extended Validation), and wildcard SSL certificates are not currently available with Simple SSL.
  1. Remove Third-Party SSL. Head to the Overview tab of the site’s Flywheel dashboard and look for the SSL Certificate area on the right sidebar. Hover over the 3-dot menu and choose the Delete SSL option.
  2. Enable Simple SSL. On the Domain card, hover over the three-dot menu next to the site’s primary domain and select Add SSL Certificate.Add SSL to primary domain
  3. Select the domain(s) you’d like to secure. You can select any or all of the domains that appear in the site’s Domains list on the Overview tab of the site’s Flywheel Dashboard. For every domain selected will need to be pointed properly to the Flywheel site’s IP address. You can view the DNS status of each domain on the domain selection screen like the example below.

    Note

    Simple SSL supports up to 50 domain names per certificate. If your site has more that 50 domains (look at you!) please reach out to our friendly Happiness Engineers, we’ll hook you up!
  4. Review any domain(s) that failed the DNS check. Any domains that are not pointed to Flywheel will show an orange warning icon. Double-check the DNS settings for this domain, and then click the Check DNS Again button in order to retry.

    Note

    The DNS checker is not always 100% accurate. For example, if you are pointing DNS via a proxy, like Cloudflare or Sucuri, the Flywheel DNS checker will not be able to confirm that DNS is pointed to Flywheel.If you are confident that DNS is set up correctly, feel free to ignore this warning.
  5. Once you’re satisfied with the results of the DNS check, click the Complete SSL Setup button, and our system will get to work installing Simple SSL for you!

Error Messages

If Simple SSL fails to validate, you may encounter one of the following error messages:

These error messages indicate that Simple SSL failed to validate because the DNS for one or more domains is not properly pointed to the site’s Flywheel IP address. Check the domain’s DNS settings and try enabling Simple SSL again.

Warning

Due to limits imposed by Let’s Encrypt™, multiple failed attempts to enable Simple SSL within an hour can result in a short lockout period before another attempt can be made.

If you’ve tried enabling Simple SSL on your on site multiple occasions within a short timeframe, you may run into this message on your Flywheel dashboard:

This indicates that the SSL certificate has failed validation 3 times within the last hour, and you’ll simply need to wait another hour before you can try enabling Simple SSL again.

Validations usually fail because the domain name is not correctly pointed to Flywheel. For more information, check out our guides to setting up DNS for your domain.

Let’s Encrypt™, who provides certificates for Simple SSL, imposes these limits. To learn more, click here.


Need help?

If you have any questions our Happiness Engineers are here to help!

Was this article helpful?

Getting Started

New to Flywheel? Start here, we've got all the information you'll need to get started and launch your first site!

View all

Account Management

Learn all about managing your Flywheel user account, Teams and integrations.

View all

Billing

Everything about billing, invoices and payments can be found here.

View all

Features

Flywheel hosting plans include a ton of great features. Learn about how to get a free SSL certificate, set up a staging site, and more!

View all

Platform Info

All the server and setting info you'll need to help you get the most out of your Flywheel hosting plan!

View all

Site Management

Tips and tricks for managing your sites on Flywheel, including going live, troubleshooting issues and migrating or cloning sites.

View all

Developer Hub

Learn how to connect, deploy, and more with SSH on Flywheel's platform.

View all

Growth Suite

Learn more about Growth Suite, our all-in-one solution for freelancers and agencies to grow more quickly and predictably.

View all

Managed Plugin Updates

Learn more about Managed Plugin Updates, and how you can keep your sites up to date, and extra safe.

View all

 

Flywheel help

Help is just a click away! Log into Flywheel dashboard to instantly chat with an expert, respond to a ticket, or follow along with in-depth documentation. We happily offer support 24 hours a day, 7 days a week, 365 days a year!

Log in

Try Flywheel today

Launch your next site on WordPress in minutes.

 Free migrations  24/7/365 support  14 day demo sites