1. bluehost knowledge base

What Is AutoSSL? How Does AutoSSL Work?

AutoSSL is an account-wide setting that can be toggled on and off within a customer's Bluehost account. When AutoSSL is enabled, a daily cron replaces self-signed certificates and expired (or soon-to-expire) certificates with new Let’s Encrypt certificates. That process also happens immediately for new accounts. For existing accounts when WordPress is installed, AutoSSL is toggled to 'on' in the Hosting SSL Certificates page, or Free SSL Certificate is toggled to 'on' in the Security section of the control panel.

Enabling Bluehost's free SSL is quick and easy. By enabling an SSL for your website, your domain will be given the "HTTPS://" prefix, which means your website will be labeled "secure" in most web browsers. This article will help guide you through enabling or disabling the Free SSL provided by Bluehost. 


If you are interested in our Paid SSL Options, please visit our SSL Certificate page, and select the SSL plan that works best for you.
  • If you are using a 3rd party CDN, login to your CDN provider’s dashboard and locate their SSL management page. From there, you can copy and paste the SSL certificate and key information we have provided.
  • If you do not have a website with Bluehost, you will be unable to use the Free SSL.

Suppose you have a website, but your domain is hosted with another provider. In that case you will need to log into your domain provider’s dashboard and make sure the A Record for your domain is pointed to the IP address associated with your Bluehost website. Otherwise, you will be unable to use the Free SSL.



How to Enable Free SSL for WordPress users

To begin, you will need to access the Bluehost control panel.

Bluerock

  1. Click the My Sites tab from the side navigation menu to the left.
  2. Select the WordPress website by clicking the Manage Site button.
    cpanel-multiphpv2
  3. Locate the Security Option.
  4. Under SSL Certificate: Let's Encrypt, ensure that the toggle switch is On.
    rock-my-sites-security

Legacy

  1. Click the WordPress tools option from the navigation menu at the top of your screen.
    legacy-wordpress-tab
  2. Click on the Security on the left sidebar and choose the domain you wish to enable a Free SSL Certificate on.
  3. Under Security Certificate, ensure that the toggle switch is On.
    legacy-security-free-ssl
    • If your toggle is already On, your site is secured by an SSL, and no other action is necessary.
    • If the switch is Off, click the toggle to turn it On.
  4. Test to ensure your SSL certificate works by typing in your domain name and navigating to your website. You should see HTTPS:// appear before your domain name and any subsequent pages on your site.
If you still do not see your website as "Secure," please contact our support team at 888-401-4678.

How to Enable Free SSL for Non-WordPress users

To begin, you will need to access the Bluehost control panel.

    Bluerock

    1. Click the Marketplace tab from the side navigation menu to the left.
    2. Scroll down to Featured Products.
    3. Locate the SSL Certificate option.
      rock-bh-marketplace-ssl
    4. Under the SSL certificate Page, scroll down and locate "Install SSL On:"  click the drop-down menu to select your domain name.
    5. Once the domain is selected, click on Enable Free SSL.

    Legacy

    1. Click the addons tab from the navigation menu at the top of your screen.
    2. Select Security to limit the options.
    3. Look for SSL certificates, and select the learn more button.
      legacy-addon-security-ssl-certificates
    4. Under the SSL certificate Page, scroll down and locate "Install SSL On:"  click the drop-down menu to select your domain name.

    Once the Free SSL (AutoSSL) is enabled, you may need to add a redirect to ensure the domain resolves to the HTTPS protocol.

    Adding a Redirect in the File Manager

    1. Once the Free SSL (AutoSSL) is enabled, navigate to the File Manager section.
    2. Locate your .htaccess file. The primary .htaccess file is located in your public_html folder. 
      To learn more about accessing this file, please see our .htaccess Tutorial.
    3. Click on the file to open your Code Editor.
    4. Using the Code Editor, add these lines to the beginning of your .htaccess file.
      htaccess-code
      Note: Substitute example.com with your domain name.
    5. Test to ensure your SSL certificate works by typing in your domain name and navigating to your website. You should see HTTPS:// appear before your domain name and any subsequent pages on your site.
    If you still do not see your website as "Secure," please contact our support team at 888-401-4678.

    How to Disable Free SSL

    Note: Disabling the Free SSL and not purchasing a Paid SSL may cause your website to be marked "not secure." This could reduce the credibility of your site with visitors.

    If you want to disable the Free SSL:

    Bluerock

    1. Click the Marketplace tab from the side navigation menu to the left.
    2. Scroll down to Featured Products.
    3. Locate the SSL Certificate option.
      rock-bh-marketplace-ssl
    4. Under the SSL certificate Page, scroll down and locate the Disable Free SSL button.

    Legacy

    1. Click the addons tab from the navigation menu at the top of your screen.
    2. Select Security to limit the options.
    3. Look for SSL certificates, and select the learn more button.
      legacy-addon-security-ssl-certificates
    4. Under the SSL certificate Page, scroll down and locate the Disable Free SSL button.