SSL/HTTPS Setup

Configure HTTPS for secure nopCommerce deployments.

Why HTTPS is Essential

Security - Encrypts data in transit
SEO - Google favors HTTPS sites
Trust - Customers expect secure checkouts
PCI Compliance - Required for payment processing

Let's Encrypt (Free)

Linux/Nginx

bash

sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Auto-renewal is configured automatically.

Windows/IIS

Use win-acme:

powershell

# Download and run
wacs.exe --target iis --siteid 1 --emailaddress admin@yourdomain.com

Commercial Certificates

Generate CSR on your server
Submit to certificate authority
Validate domain ownership
Download and install certificate

IIS Installation

powershell

# Import certificate
Import-PfxCertificate -FilePath .\cert.pfx -CertStoreLocation Cert:\LocalMachine\My

Then bind in IIS Manager under Site Bindings.

Force HTTPS Redirect

Nginx

nginx

server {
    listen 80;
    server_name yourdomain.com;
    return 301 https://$server_name$request_uri;
}

IIS (web.config)

xml

<system.webServer>
  <rewrite>
    <rules>
      <rule name="HTTPS Redirect">
        <match url="(.*)" />
        <conditions>
          <add input="{HTTPS}" pattern="off" />
        </conditions>
        <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
      </rule>
    </rules>
  </rewrite>
</system.webServer>

nopCommerce Settings

In Admin > Configuration > General Settings:

Enable "Use SSL"
Force all pages to use SSL

SSL/HTTPS Setup ​

Why HTTPS is Essential ​

Let's Encrypt (Free) ​

Linux/Nginx ​

Windows/IIS ​

Commercial Certificates ​

IIS Installation ​

Force HTTPS Redirect ​

Nginx ​

IIS (web.config) ​

nopCommerce Settings ​