SSL stands for Secure Sockets Layer, and is the technology that keeps internet connections secure and safe from prying eyes. It is used on all ranges of sites, but is particularly useful when doing things like online banking, eCommerce, or any type of internet transaction where personal information is shared.
Simple SSL is Flywheel’s free offering for a secure sockets layer to be added to your site!
Flywheel’s Simple SSL feature is a fully automatic 100% free SSL certificate, installed and activated in minutes!
To make this possible, we’ve partnered with Let’s Encrypt™, a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG). This allows us to generate, install, activate, and renew certificates for your sites automatically and for free – right from your site’s Flywheel dashboard!
Follow the steps below to enable Simple SSL on your site!
Simple SSL supports up to 50 domain names per certificate. If your site has more than 50 domains please reach out to our friendly Happiness Engineers!
Simple SSL does not yet provide the ability to secure wildcard domains. If you’d like to secure subdomains, you’ll want to do so by adding each subdomain individually to the Simple SSL certificate. You may also bring your own SSL certificate to Flywheel to secure wildcard domains. For more information check out this help doc.
If you are pointing DNS via a proxy, like Cloudflare or Sucuri, the Flywheel DNS checker will not be able to confirm that DNS is pointed to Flywheel. If you are sure that DNS is set up correctly, feel free to ignore this warning.
If you’re pointing your domain through Sucuri, please make sure that the Forward Certificate Validation to Hosting setting is enabled to ensure validation.
If you’ve added a secondary domain to your site and you want to secure the domain, Simple SSL has got you covered!
From your domains list, you can edit the Simple SSL certificate to add the domain(s).
You’ll see a list of all the domains on the site and their current SSL status. You can select additional domains here.
Simple SSL provides you with a domain validated SSL certificate issued through Let’s Encrypt™. If you’re wondering whether the level of security and encryption provided by a Simple SSL certificate is sufficient for an eCommerce site: the short answer is, “Yes.”
The long answer, however, is slightly more nuanced.
While the level of encryption that a domain validated SSL certificate offers is sufficient for just about any application, any time that you plan on handling sensitive user information such as credit card or bank account information on your website, it’s advisable to instead purchase an OV (Organization Validated) or, even better, an EV (Extended Validation) SSL certificate from a third-party provider rather than use a domain validated certificate.
There are two reasons for this recommendation:
First, Let’s Encrypt™ certificates do not carry any warranty or guarantees. Generally, OV and EV certificates purchased from third-party providers come with an extensive warranty and often even insurance in the unlikely event that anything goes wrong with the certificate.
Second, OV and EV certs carry a higher level of trust. Since anybody can get a domain validated certificate, these certs don’t do much to prevent spoofing. While they do encrypt user data, they don’t guarantee your users anything about the authenticity of your site or organization.
By contrast, OV and EV certs require much more than just a domain to obtain. There’s actually a strict vetting process that goes along with purchasing these certificates. Your site’s users can put a higher level of trust in your site knowing that it has one of these certificates. This is particularly true of an EV certificate, as it will have the green organization bar in the browser in addition to the standard padlock, such as on Target’s eCommerce site:
Again, just to reiterate: the level of encryption in a domain validated Simple SSL certificate itself is sufficient. Strictly speaking, you don’t need more than a regular domain validated certificate. There are many eCommerce sites that use them. But running a site that handles extremely sensitive user information isn’t a responsibility to take lightly, which is why we recommend the extra layer of security provided with an OV or, ideally, an EV cert whenever possible.
If you have a third-party SSL certificate installed on Flywheel and would like to switch to using our free Simple SSL powered by Let’s Encrypt™, just follow these steps!
If Simple SSL fails to validate, you may encounter one of the following error messages:
These error messages indicate that Simple SSL failed to validate because the DNS for one or more domains is not properly pointed to the site’s Flywheel IP address. Check the domain’s DNS settings and try enabling Simple SSL again.
If you’ve tried enabling Simple SSL on your on site multiple occasions within a short timeframe, you may run into this message on your Flywheel dashboard:
This indicates that the SSL certificate has failed validation 3 times within the last hour, and you’ll simply need to wait another hour before you can try enabling Simple SSL again.
Validations usually fail because the domain name is not correctly pointed to Flywheel. For more information, check out our guides to setting up DNS for your domain.
Let’s Encrypt™, who provides certificates for Simple SSL, imposes these limits. To learn more, click here.
If you have any questions our Happiness Engineers are here to help!
New to Flywheel? Start here, we've got all the information you'll need to get started and launch your first site!View all
Learn all about managing your Flywheel user account, Teams and integrations.View all
Everything about billing, invoices and payments can be found here.View all
Flywheel hosting plans include a ton of great features. Learn about how to get a free SSL certificate, set up a staging site, and more!View all
All the server and setting info you'll need to help you get the most out of your Flywheel hosting plan!View all
Tips and tricks for managing your sites on Flywheel, including going live, troubleshooting issues and migrating or cloning sites.View all
Learn how to connect, deploy, and more with SSH on Flywheel's platform.View all
Learn more about Growth Suite, our all-in-one solution for freelancers and agencies to grow more quickly and predictably.
Getting started with Growth Suite
Growth Suite: What are invoice statuses?
Growth Suite: What do client emails look like?
Learn more about Managed Plugin Updates, and how you can keep your sites up to date, and extra safe.
Managed Plugin Updates: Database upgrades
Managed Plugin Updates: Pause plugin updates
Managed Plugin Updates: Plugin Security Alerts