Note: Any sites created after June 6th, 2017 will have an SSL certificate automatically enabled, even once a custom domain is set up. If your site was created before June 6th, read on to find out how to enable SSL for your custom domain.
What is SSL?
A "Secure Sockets Layer" (SSL) certificate is a technology for making sure that the internet connection between a web page and its visitors is kept completely secure. If the page you're visiting has an SSL certificate applied to it, you can be sure that any confidential information being transferred (passwords, credit card information, and so on) is kept completely safe and cannot be intercepted or stolen.
You'll know when you're on a page with an SSL certificate because the URL will start with HTTPS (rather than HTTP). You'll also see the little green padlock (the icon for SSL) next to your browser's address bar:
Including an SSL certificate on your Thinkific site builds trust with your customers. When they see the padlock, they'll know that their information is safe and your business is trustworthy.
How do I switch on SSL for my site?
For sites created after June 6th, 2017
SSL is already on for your site, so no need to do anything! If you need to switch off your SSL certificate (e.g. to troubleshoot some insecure content or set up your custom domain), head to the Advanced Settings page of your admin dashboard to temporarily deactivate your SSL setting.
For sites created before June 6th, 2017
Head to the Settings page of your admin dashboard to switch on SSL for your site:
We'll auto-generate an SSL certificate for your custom Thinkific URL via Let's Encrypt.
You'll then see the little green padlock the next time you visit your site at your custom URL! If you try to visit your site via an HTTP link, you'll be automatically redirected to HTTPS. This switch means that your site pages will always appear secure for your users.
Important! Before switching on SSL, make sure that all of the content you're using is secure.
If you're linking to any insecure content on a page, it will no longer be available once you switch your site to HTTPS. People who still try to access this content after your site is SSL secure will see this scary security warning from their browser:
How to avoid this:
If you're linking to any content hosted outside of Thinkific (e.g. images and videos hosted on other sites) make sure that you're using an HTTPS link. It's as simple as taking the link you're using and adding HTTPS to the beginning:
Tip: To make it as easy as possible to keep your site secure, avoid hotlinking to images in your course description, instructor bio, etc. Most fields within Thinkific include an 'Insert Image' button - use this feature to upload directly to Thinkific. Doing so ensures the content will be added in using an HTTPS link:
If you're having trouble switching on your SSL due to insecure content, we have a troubleshooting article here.
What happens if I don't make the switch?
If you're using a custom URL, then we'd highly recommend switching on SSL as soon as possible. Not having the little green padlock for your site may be putting off potential customers. Activating SSL ensures they know all your site pages, especially your checkout pages, are secure!
Can I use my own certificate instead?
Absolutely! Our auto-generated certificates are perfect if you're just getting started, but if you already have your own SSL certificate for your domain that will also work with your Thinkific site. Custom SSL certificates are a feature of our Premier plan and above. If you're interested in using a custom SSL certificate for your site, visit this page for more information.
When will my certificate expire?
It won't! The certificates last for 90 days and are automatically renewed 30 days before expiry, ensuring that your site stays safe and secure forever!