How do I configure HTTPS for my Magento store?

Configure HTTPS for Magento 2.4.7

Step 1: Obtain an SSL Certificate

  1. Purchase an SSL Certificate:
    • Obtain an SSL certificate from a trusted Certificate Authority (CA) like Let's Encrypt, Comodo, DigiCert, or any other provider.
  2. Install the SSL Certificate:
    • Install the SSL certificate on your web server. Consult your hosting provider's documentation for specific instructions.

Step 2: Configure Magento to Use HTTPS

  1. Log in to Your Magento Admin Panel:
    • Navigate to your Magento admin URL and log in with your admin credentials.
  2. Navigate to the Web Configuration:
    • Go to Stores > Configuration > General > Web.
  3. Configure Base URLs:
    • Expand the Base URLs section and update the Base URL to use HTTPS.
  4. Configure Secure Base URLs:
    • Expand the Base URLs (Secure) section and update the Secure Base URL to use HTTPS.
  5. Set Secure URL Options:
    • In the Base URLs (Secure) section, set Use Secure URLs on Storefront to "Yes".
    • Set Use Secure URLs in Admin to "Yes".
  6. Save Configurations:
    • Click on the Save Config button at the top right to apply the changes.

Step 3: Update the env.php Configuration File

  1. Access Your Magento Root Directory:
    • Use FTP/SFTP or SSH to access your Magento root directory.
  2. Edit the env.php File:
    • Open the app/etc/env.php file in a text editor.
  3. Add the Secure URLs Configuration:
    'http' => [
        'host' => '',
        'use_frontend_secure' => true,
        'use_admin_secure' => true
  4. Save and Close the File:
    • Save the changes and close the file.

Step 4: Clear Cache and Reindex

  1. Clear Cache:
    • Navigate to System > Cache Management in the admin panel and click on Flush Magento Cache.
    • Alternatively, you can clear the cache using the command line:
    php bin/magento cache:clean
    php bin/magento cache:flush
  2. Reindex Data:
    • Reindex the data using the command line:
    php bin/magento indexer:reindex

Step 5: Test Your Store

  1. Verify HTTPS Configuration:
    • Open your web browser and navigate to your Magento store.
    • Ensure that the URL starts with https:// and that the browser displays a secure padlock icon.
  2. Check for Mixed Content:
    • Use browser developer tools to check for any mixed content warnings. Mixed content occurs when a webpage is loaded over HTTPS, but other resources (images, scripts, etc.) are loaded over HTTP.