You probably know that SSL / HTTPS is one of the "must-haves" for all e-commerce stores. Not only does it offer an extra layer of protection to the store users, it also results in higher SEO (Search Engine Optimization) ranking!
Yes, Google actually takes this into account. So it's very important to implement SSL / HTTPS on your nopCommerce stores.
In this video tutorial (transcripts prepared), I am going to show you step-by-step how you can get SSL cirtificate for FREE! I'll also show you how to install it on your server (taking Azure App Services as example).
=== TRANSCRIPTs AFTER THIS LINE ===
Hi, this is Lam from Pro nopCommerce.
In this video, I am going to teach you how to get free SSL Certificate and set it up for your nopCommerce store. In this example, we are going to set it up on Azure.
To begin, please go to http://zerossl.com, and click on Online Tools, and Start the FREE SSL Certificate Wizard.
The first step is to enter your domain. Remember to accept all the terms.
The wizard will ask you if you want to generate the certificate for WWW sub-domain. We want to in most cases, so we'll click YES.
The wizard will first generate a Certificate Request. You need to copy or save the file. It's actually not needed, so you can just copy and ignore.
Now, click "Next" again to generate an account key. Again, this is not needed, so just copy and ignore.
Clikc next again. You now need to setup verification files to make sure you are the owner of the domain. As per instruction, you need to create 2 files, with specific file name and file content, and put it at the specified folder of your domain. Note that the files does not have any file extention such as .txt, which can cause some problem for ASP.Net MVC application like nopCommerce. We'll touch on this point later.
Now comes the tricky part. To make MVC serve static content that does not have a file extension, we need to make use of Web.config to do some kind of mapping. There's a link to download this file in the description. So download the file, and paste it in the same folder.
Try accessing the files to make sure they are all good.
In the last step of the wizard, download the 2 generated files. These are the certificates in Base64 encoded format, you'll need these 2 files later.
The next step is to turn the file into PFX format, which is what Windows system uses for certificates. We need an SSL Converter to do the job. The link is in the description.
We need to convert from PEM to PFX, and upload domain-crt.txt and domain-key.txt that we've downloaded earlier. Also, you need to set a password for this certificate.
Click convert to download your password-protected certificate.
Now, head over to Azure to upload the certificate. Enter the exact passward that you've entered in last step. You also need to bind the certificate to the domain by clicking "Add Binding". Refresh the page to make sure bindings are applied successfully.
The last step is to go to nopCommerce to activate Secure URL. Note that I am using version 2.70, which is a pretty old version of nopCommerce. The setting has been moved to "Stores" page. In any case, you need to tick "Use SSL", and enter the appropriate URL, which usually is just chaging HTTP to HTTPS.
Now we are all set, and your store is now protected by SSL!
Note that this is a free solution, so you need to regenerate a new certificate every 3 months. But that's not too bad considering it only takes 10 minutes of your time for every 3 months.
Okay, that's all. Let me know in the comments what you want to learn about nopCommerce! Also, remember to subscribe to my mailing list to get notified about future tutorials!
Bye.