Choosing the right SSL certificate depends on your situation. In short, you have two options.

1. Or you are a private person and mostly want a secure website. In that case, all you need is an SSL certificate with domain validation.

2. Are you a company or a commercial activity? Then you should choose an SSL certificate with extended validation. Your company information will then be included in your SSL certificate. This will allow visitors to learn all about the company behind the website, which will instill more trust and increase your sales.

For a web store, it is important to build as much visitor trust as possible. They need to know that they are dealing with a trusted company and that everything takes place in a secure environment, which is why an SSL certificate with domain validation is not enough. It is important for a web store that company information is integrated into the security certificate. Therefore, be sure to choose an SSL certificate with extended validation for your web store. This will help your web store to achieve a 15% increase in sales!

An SSL (Secure Sockets Layer) certificate is a digital security certificate that provides a secure connection between your visitors' browsers and the server that hosts your website. It encrypts all data that is sent, such as passwords, contact information, payment information and other sensitive data. This makes it harder for hackers to intercept or steal that data.

Simply put, an SSL certificate is a type of security on your website that makes it safe for your visitors and makes it trustworthy. A small padlock displayed in the browser bar or "https" immediately indicates that the website uses an SSL certificate and is therefore secure.

The price of an SSL certificate varies depending on the type of SSL certificate you have chosen and the domain names it is used for.

For a cheap SSL certificate, it is best to choose a domain-validated SSL certificate that is valid for a single domain name. SSL certificates with more extensive validation (Organization Validation or Extended Validation) cost more.

The price also increases if your SSL certificate is valid for multiple domain names or subdomains.

Cheap SSL certificates (eg the free SSL certificate issued by Let's Encrypt) have some disadvantages compared to more expensive ones.

Cheap SSL certificates do not allow extensive validation , which means that company details cannot be included in it. Therefore, your visitors will trust you less. And limited trust means limited sales, which is why webshops should avoid using cheap SSL certificates at all costs. An SSL certificate with extended validation guarantees at least 15% more sales.

A free SSL certificate such as those issued by Let's Encrypt is only suitable for a website . For file servers, applications, email, and the like, you need a paid SSL certificate.

You cannot use a proxy SSL certificate for all of your subdomains. So a premium certificate (such as one with extended validation) is recommended here as well.

With a cheap SSL certificate, you can't even add a Trust Seal to your checkout page. By adding their tag, your visitors will trust you more.

If you use a free SSL certificate, you will not receive any compensation in case of misuse.

Applying for an SSL certificate is easy. Start ordering through our website and we'll take care of the rest. Depending on the type of SSL certificate you choose (domain certificate, organization certificate, or extended certificate), your request will be processed immediately or your company will be verified shortly thereafter.

This check is necessary for Organization Validation or Extended Validation to ensure that the requesting company is completely legitimate. Only then can the company information also be included in the confirmation. We will install the certificate for FREE.

Wildcard Positive SSL is a cost-effective solution for protecting the main domain and multiple subdomains of the same domain.
For example, a Wildcard SSL certificate issued at * .mojadomena.hr is valid for: www.mojadomena.hr, webshop.mojadomena.hr, mail.mojadomena.hr, etc.
SSL Wildcard certificates are easy to install and an excellent choice for both personal websites and any site that has many subdomains that need to be protected. The advantage is that the certificate is renewed and reinstalled once a year, and it is possible to install it on another server in case a subdomain is hosted on another server for some reason.

SSL certifikat šifrira komunikaciju između posjetitelja i tvoje web stranice, štiti osjetljive podatke i osigurava da se u pregledniku prikazuje ikona lokota uz https://. Na WMD hostingu, besplatni SSL certifikat (Let's Encrypt) dolazi uz svaki hosting paket. U ovoj uputi pokazujemo kako ga aktivirati i instalirati.

Automatski SSL (Let's Encrypt)

Na većini WMD hosting paketa, Let's Encrypt SSL certifikat se automatski instalira za sve domene na računu. Ako ti certifikat već radi (stranica se otvara s https://), ne trebaš ništa mijenjati.

Za provjeru:

1. Otvori svoju stranicu u pregledniku
2. Klikni na ikonu lokota lijevo od URL-a
3. Provjeri podatke o certifikatu — trebao bi pisati "Let's Encrypt" ili "AutoSSL"

Ručna instalacija SSL-a putem cPanela

Ako automatski SSL nije aktivan ili trebaš instalirati vlastiti (kupljeni) SSL certifikat:

Korak 1: Otvori SSL/TLS u cPanelu

Prijavi se u cPanel i u sekciji Security klikni na SSL/TLS.

Korak 2: Upravljanje SSL certifikatima

Klikni na Manage SSL sites (pod "Install and Manage SSL for your site").

Korak 3: Odaberi domenu i instaliraj certifikat

1. Iz padajućeg izbornika odaberi domenu za koju instaliraš SSL
2. Ako koristiš kupljeni certifikat, upiši ili zalijepi:
   • Certificate (CRT) — certifikat koji si dobio od izdavača
   • Private Key (KEY) — privatni ključ generiran pri kreiranju CSR zahtjeva
   • Certificate Authority Bundle (CABUNDLE) — lanac certifikata izdavača
3. Ako koristiš AutoSSL, klikni Autofill by Domain — cPanel će automatski popuniti polja
4. Klikni Install Certificate

Korak 4: Provjera

Nakon instalacije, otvori svoju stranicu s https:// prefiksom. Trebao bi vidjeti ikonu lokota. Ako se pojavljuju upozorenja, moguće je da stranica ima "mixed content" — neke resurse (slike, skripte) i dalje učitava putem http://.

Pokretanje AutoSSL-a

Ako AutoSSL nije automatski instalirao certifikat:

1. U cPanelu idi na SSL/TLS Status
2. Označi domene za koje želiš SSL
3. Klikni Run AutoSSL
4. Pričekaj nekoliko minuta — status će se promijeniti u zeleno

Najčešći problemi

• AutoSSL ne radi — provjeri da domena ispravno pokazuje na hosting server (DNS mora biti postavljen). AutoSSL ne može izdati certifikat ako domena ne pokazuje na pravi server.
• Mixed content upozorenja — zamijeni sve http:// linkove na stranici s https:// ili koristi relativne putanje
• Certifikat je istekao — AutoSSL se automatski obnavlja. Ako nije, pokreni ga ručno ili nas kontaktiraj.

Trebaš pomoć? Piši nam na info@wmd.hr — instaliramo SSL besplatno za sve korisnike.

Imati SSL certifikat je samo prvi korak. Ako tvoja stranica i dalje prihvaća veze putem http://, posjetitelji mogu pristupiti nezaštićenoj verziji. HTTPS redirect automatski preusmjerava sav promet na šifriranu (https) verziju tvoje stranice.

Zašto je HTTPS redirect važan?

• Sigurnost — svi podatci između posjetitelja i servera su šifrirani
• SEO — Google preferira HTTPS stranice i rangira ih više
• Povjerenje — posjetitelji vide ikonu lokota i znaju da je veza sigurna
• Izbjegavanje duplog sadržaja — bez redirecta, Google vidi http:// i https:// kao dvije različite stranice

Metoda 1: HTTPS redirect putem cPanela

Najjednostavniji način — bez diranja koda:

1. Prijavi se u cPanel
2. U sekciji Domains klikni na Domains
3. Pronađi svoju domenu u popisu
4. Uključi prekidač Force HTTPS Redirect (prebaci na ON)

To je to! cPanel će automatski preusmjeriti sav HTTP promet na HTTPS.

Metoda 2: Redirect putem .htaccess

Ako tvoj cPanel nema opciju Force HTTPS, možeš dodati redirect ručno u .htaccess datoteku:

1. U cPanelu otvori File Manager
2. Idi u public_html mapu
3. Pronađi datoteku .htaccess (ako je ne vidiš, uključi Show Hidden Files u Settings)
4. Klikni desnim klikom → Edit
5. Na sam početak datoteke dodaj:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

6. Klikni Save Changes

Metoda 3: HTTPS redirect u WordPressu

Ako koristiš WordPress, dodatno provjeri:

1. Idi u Settings → General
2. Provjeri da oba polja počinju s https://:
   • WordPress Address (URL): https://tvoja-domena.hr
   • Site Address (URL): https://tvoja-domena.hr
3. Spremi promjene

Ako su ova polja postavljena na http://, WordPress će generirati linkove bez SSL-a čak i kad imaš .htaccess redirect.

Provjera

Nakon postavljanja redirecta, provjeri:

• Otvori http://tvoja-domena.hr — trebalo bi te automatski preusmjeriti na https://
• Provjeri i http://www.tvoja-domena.hr — i ovo mora preusmjeriti
• Koristi httpstatus.io da potvrdiš 301 redirect

Česti problemi

• Redirect loop ("Too many redirects") — može se dogoditi ako i cPanel i .htaccess istovremeno forsiraju redirect. Koristi samo jednu metodu.
• Mixed content — stranica se učitava putem HTTPS, ali neke slike ili skripte još koriste HTTP. Zamijeni sve linkove na https:// ili koristi relativne putanje.
• Stranica se ne učitava — provjeri imaš li uopće aktivan SSL certifikat. Bez njega, HTTPS redirect će prikazati grešku.

Trebaš pomoć s postavljanjem? Piši na info@wmd.hr — riješit ćemo to za tebe.