SSL stands for Secure Sockets Layer and is a standard security technology used to encrypt the connection between the browser and the hosting server on which your website is hosted. A website having an SSL certificate is most commonly recognized by the https URL and the secured padlock in the client browser.
Having an SSL certificate for your website will improve your visitors’ trust and confidence that their personal and credit card information is secure and will help you improve your store conversion rate.
HTTP vs HTTPS
Installing your OpenCart 2 application for the https:// protocol, without having a valid SSL certificate, might affect your website accessibility or result in security warnings. If you need a hosting solution with SSL certificate to secure your store, you may review our OpenCart 2 Hosting plans.
To enable SSL on OpenCart 2, you need to:
- Step 1: Set your HTTPS URL in OpenCart 2 config.php Files
- Step 2: Enable SSL via the OpenCart 2 Admin
- Step 3: Force HTTPS only for your OpenCart 2
STEP 1Set your HTTPS URL in OpenCart 2 config.php Files
Before you enable the SSL support in your OpenCart 2 admin dashboard you will need to edit the two configuration files of your OpenCart 2. Both files are called config.php and they are located under theroot directory of your OpenCart 2 application and under the admin folder:
You can edit your files either via your cPanel File Manager or by downloading them on your local computer via FTP and reupload them after the changes.
Either way, you will need to locate the following section in both of your files:
// HTTPS define('HTTPS_SERVER', 'http://yourdomain.com/');
Modify the line to include https instead of http:
// HTTPS define('HTTPS_SERVER', 'https://yourdomain.com/');
When you have the correct https URL set for your OpenCart 2 application, save the files and upload them back to your OpenCart 2 installation if you are performing the changes locally on your computer. Remember to modify both the main config.php file and the admin folder config.php.
STEP 2Enable SSL via the OpenCart 2 Admin
Now you need to activate the SSL support via the OpenCart 2 admin dashboard. You can easily do this by logging in your OpenCart 2 admin panel and refer to the settings menu.
From the store list click on the edit icon next to your store name and proceed to the Server settings tab.
The first settings under the Server tab should be the Use SSL option. Click on the Yes radio button and save your settings via the save icon at the top right corner of your screen.
Now your checkout, registration and other pages on which sensitive information is submitted will be accessible only via HTTPS.
STEP 3Force HTTPS only for your OpenCart 2
If you would like to have your store accessible via HTTPS only, you may return to Step 1 in this tutorial and edit not only the HTTPS URL but the HTTP as well.
To do this, open once again your OpenCart 2 config files and edit the following line:
// HTTP define('HTTP_SERVER', 'http://yourdomain.com/');
// HTTP define('HTTP_SERVER', 'https://yourdomain.com/');
This way you will force your store to use HTTPS only for all pages and your admin panel.