How can we help you today?

How to Use SSL Certificates on your Hypernode When Ordered via Hypernode.com

Created by: Sylvia Bakker

Modified on: Wed, 26 Aug, 2020 at 3:42 PM


This article explains how to install SSL certificates on your Hypernode. An SSL certificate keeps online interactions and transactions private and they help customers gain confidence to provide personal information on your website. We strongly recommend shop owners to use SSL certificates. This way, your shop will become securely accessible using HTTPS.

TABLE OF CONTENTS

Why Use SSL?

SSL sends information across the internet encrypted so that only the intended recipient can understand it. SSL establishes a secure connection between your visitor's browser and your webshop. It allows you to sent private and sensitive information, such as payment credentials, across the internet without having to worry about the problems of eavesdropping, data tampering, and message forgery.


When you have ordered your Hypernode on Hypernode.com you have two options to use SSL on your Hypernode plan(s):

  • Upload your own SSL certificate
  • Request a certificate using Let’s Encrypt

Add a Custom SSL Certificate

You can add your SSL certificate to your Hypernode via your control panel.

The steps:

  • Login to your control panel
  • Select your Hypernode and click 'Go’
  • Go to 'Domains & SSL' and click on ‘Configure SSL'
  • Fill in the Private Key, Certificate and Certificate Authority (only .PEM files) 
  • Click on 'Apply your SSL certificate'
  • Check whether you have uploaded the correct certificate
  • Click ‘Add certificate’

Use Let’s Encrypt

For the more technically equipped developers we provide Let’s Encrypt.

Let’s Encrypt is a way to order free SSL certificates through domain validation. This has a few limitations:

  • You are responsible for your own Let’s Encrypt certificates, we do not provide any support on Let’s Encrypt.
  • Let’s Encrypt does not provide wildcard and/or EV certificates
  • Let’s Encrypt SSL Certificates are only valid for a 3 months period.

See our documentation about configuring Let’s Encrypt on your Hypernode on how to setup Let’s Encrypt on your Hypernode.

ChangingYour Base URLs

If your SSL certificates are linked to your Hypernode, or you ordered Let’s Encrypt certificates, we can change the base URLs to use only HTTPS. To do this, we created a little Python script that changes all your base URLs to HTTPS.

To use this:

## Download the script

wget -O change_baseurls.py https://gist.githubusercontent.com/hn-support/0c76ebb5615a5be789997db2ae40bcdd/raw/

## Execute to change the base URLs to HTTPS

python change_baseurls.py

Forcing Your Entire shop to Use SSL

You can easily force your entire shop to go over HTTPS using a simple redirect. 

Redirecting all traffic (when Varnish is not used)

To redirect all traffic from HTTP to HTTPS, open the server.rewrites with your editor:

editor /data/web/nginx/server.rewrites

Then add the following snippet:

if ($scheme = http) {  return 301 https://$host$request_uri; }

Now finish saving the option using CTRL+o followed by CTRL+x

To check if all went well, check if /data/web/nginx/nginx_error_output is present containing an error message. If you can’t find this file, your config reload went well.

Now test your result by visiting the domain!

It is also possible to selectively redirect to HTTP or HTTPS depending on the domain, by using a mapping.

Redirecting all traffic to https and www

If you want to redirect your domain to both https and www, add this snippet to server.rewrites

if ($http_host ~* "^(?!www\.).*$") {

    return 301 https://www.$http_host$request_uri;

}

if ($scheme = http) {

    return 301 https://$host$request_uri;

}

Redirecting to HTTPS When Using Varnish

If you are using Varnish on your Hypernode, the given redirect will be cached by Varnish causing the site to go down with a 'too many redirects' error, as the redirect will be served from the cache on both HTTP and HTTPS.

To resolve this, make use of a public.rewrites instead of a server.rewrites

All files in /data/web/nginx starting with public.* will be included in front of the Varnish instance, and will therefore not be cached.

Things to Remember When Using an SSL Certificate

  • Don’t forget to point the DNS for your domain to your Hypernode. More information about how this is done can be found in the article DNS settings Hypernode.
  • You will need a storefront in Magento with a secure_base_url. Otherwise Magento will redirect you to the main store.  You can change the base urls using the script mentioned above, you can also do this using the following support documentation. 

SSL on Your (non-www) Naked Domain While Using the Www-izer

If you use the www-izer forwarders in the DNS settings for your domain name, people that visit https://yourdomain.com directly will get an error message, either indicating that there is no https available or a plain connection refused error.
If Byte manages your DNS, or you’ve configured your DNS to point directly to the Hypernode, this will not be a problem.

For more information please read the article DNS Settings Hypernode

Enable SSL Stapling

To enable SSL Stapling for your SSL certificate, create the following configuration in /data/web/nginx/http.ocsp:

ssl_stapling on;
ssl_stapling_verify on;

Check Settings of Third Party Solutions

After configuring your shop to only use HTTPS, please do not forget to check HTTP(S) settings of third party solutions to avoid problems, e.g.:

  • Payment providers like Adyen
  • Stock providers like Picqer
  • Google Analytics and Google Search Console
S
Sylvia is the author of this solution article.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.