Free SSL certificate for your site and routing all traffic through HTTPS - Step by step walkthrough

Security is all the hype with Google threatening to mark all sites not using the SSL protocol as "insecure" or "unsecure" or whatever "non-secure" message it's going to show. Something like this:

So let's make this site secure again. Don't buy the certificate from your hoster just yet: if you are a small(-ish) website, you don't have to spend a penny. The things you'll need:

  1. Access to your domain registrar account. You will need to change where your domain points to, but don't worry, it's very easy;
  2. Patience (the changes are made quickly, but it takes some time for them to apply);
  3. That's it, everything else is covered below. You don't need to pay for the certificate and you'll get a number of perks to go with it for free.

First of all, register an account with cloudflare.com if you haven't got one already. It's a great service protecting you from various attacks, hiding your site's identity, making it load quicker and yes, the SSL certificate just comes as an additional bonus.

Once registered, click that big blue "+Add Site" button on the dashboard. Enter your site name in the box that pops up:

Hit the "Add Site" button at the bottom of the pop-up and you'll be presented with a cryptic message about DNS records. Don't worry about that now, just click "Next". You'll have to select a plan, but again don't worry about all the options, just choose "Free". You'll always be able to upgrade later once you (hopefully) grow to Enterprise level:

Confirm as prompted. You'll see where your current DNS records point and Cloudflare will route your traffic accordingly. Just click "Continue" if you don't have any reason to interfere:

Now you're given something meaningful. My screen says that I need to change nameservers from ns1.mediatemple.net to ernest.ns.cloudflare.com and ns2.mediatemple.net to nola.ns.cloudflare.com. This is because my site is hosted with MediaTemple; yours is probably hosted elsewhere. That's when you'll need to log in to your domain name registrar.

I don't remember who my registrar is (as I have multiple sites with several registrars), but it's easy to find out. Just head to any whois service, the first one that comes up in Google will do. Let's say it's https://www.whois.com/whois for clarity, but it could be any other. Enter your domain name and you'll see lots of info. Scroll down to "Raw whois data" and look for the registrar name. Here it is:

Go there, log in and do what you're told. All providers are different and many will try to sell you something while you navigate through their interface, but don't be fooled — you only need to change nameservers. Look for "nameservers" or "DNS" or "DNS records" and a way to change them. It will look like this:

or like this:

or completely different, but you get the idea. Now "Change Where Domain Points". You'll need to get to this point:

Fill in the addresses given by Cloudflare (I always get ernest and nola ones, but possibly there are others). Click "Submit", "Continue", then confirm, apply or whatever they ask until you get a confirmation that your nameservers have been changed:

Most of the work is done, but now you just wait until the changes made propagate through the internet. The warning says 1-48 hours, but in my experience it's a couple of hours at most. While you wait, go back to Cloudflare. You should be on the screen that says "Change your Nameservers":

Click "Continue" and don't worry if you get a "Website not active (DNS modification pending)" message. Scroll down to Domain summary and click where it says "SSL: Full":

You'll land on the Crypto page. Now the final bit: find the "Always use HTTPS" option and turn it on:

That's it. That should've taken you five minutes if you know what you're doing and six minutes if you struggle with your DNS. Enjoy!
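To confirm that the nameserver change has propagated and that "Always use HTTPS" is really redirecting visitors, the two checks below read the output of `dig +short NS` and `curl -sI`. This is an added example, not part of the original walkthrough; the sample inputs are constructed and `example.com` is a placeholder for your own domain.

```shell
#!/bin/sh
# Added example. Sample inputs are constructed; example.com is a placeholder.

# stdin: output of `dig +short NS <domain>`.
# Succeeds only if at least one nameserver is listed and every one of them
# ends in .ns.cloudflare.com (a leftover old nameserver means "still pending").
ns_on_cloudflare() {
    awk '
        NF == 0 { next }
        { host = tolower($1); sub(/\.$/, "", host); n++ }
        host !~ /\.ns\.cloudflare\.com$/ { bad++ }
        END { if (n > 0 && bad == 0) exit 0; exit 1 }
    '
}

# stdin: response headers from `curl -sI http://<domain>/` (plain HTTP, no -L).
# Succeeds only if the reply is a redirect whose Location is an https:// URL.
redirects_to_https() {
    tr -d '\r' | awk '
        NR == 1 { code = $2 }
        tolower($1) == "location:" { loc = tolower($2) }
        END { if (code ~ /^30[1278]$/ && loc ~ /^https:\/\//) exit 0; exit 1 }
    '
}

# Constructed samples, using the nameserver names from the walkthrough.
SAMPLE_NS_DONE='ernest.ns.cloudflare.com.
nola.ns.cloudflare.com.'
SAMPLE_NS_PENDING='ns1.mediatemple.net.
nola.ns.cloudflare.com.'
SAMPLE_REDIRECT=$(printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: https://example.com/\r\n')
SAMPLE_NO_REDIRECT=$(printf 'HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n')

# Live use (needs network, dig and curl):
#   dig +short NS example.com | ns_on_cloudflare && echo "nameservers switched"
#   curl -sI http://example.com/ | redirects_to_https && echo "HTTPS is forced"
```

Both checks only observe the visitor-to-Cloudflare side; they say nothing about the connection between Cloudflare and your host.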
