Installing an SSL certificate and moving to HTTPS

Install SSL on your hosting, force HTTPS, and fix the common "mixed content" problem.

5 min Updated 18 Jul 2026

SSL encrypts the connection between a visitor's browser and your server. It is no longer optional: browsers flag sites without HTTPS as "not secure", and Google treats HTTPS as a ranking signal.

Installing on hosting

On ServerNet hosting, a free certificate is issued and renewed automatically. To check its status:

  1. Sign in to your control panel.
  2. Open the SSL/TLS section.
  3. Confirm your domain appears in the list of active certificates.

Important prerequisite: the domain must already point at the server. Issuance works by verifying ownership over DNS or a file, so if your A record still points at your old host, issuance will fail.

Forcing HTTPS

Installing the certificate alone is not enough — you also need to redirect HTTP traffic. In the .htaccess file at your site root:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

The 301 means a permanent redirect, which matters for SEO because it passes the old URL's authority to the new one.

The "mixed content" problem

This is the most common issue after enabling SSL: the padlock does not appear even though the certificate installed correctly. The cause is that your HTTPS page still loads some assets (images, CSS, JavaScript) over http://.

The fix: change all internal URLs to https:// or to relative paths. To find the offenders, open your browser's developer console — mixed content warnings are listed there.

On WordPress you must additionally update the site address in settings to https:// and correct old URLs stored in the database.

After enabling HTTPS

  • Add the HTTPS version as a new property in Google Search Console.
  • Update your sitemap and robots file with the new URL.
  • Check internal links so they point straight to HTTPS rather than going through a redirect.

Verifying the installation

Use ServerNet's SSL checker to confirm the certificate is valid, check its expiry date, and verify the certificate chain is complete. An incomplete chain causes errors in some browsers and mobile apps even when it works fine in yours.

Was this page helpful?