SSL Installation

What is an SSL certificate?

In simple terms, SSL (or the Secure Sockets Layer) is the technology that secures websites. It powers the HTTPS protocol, and provides an encrypted connection between your store and your customers’ web browsers. It also provides proof of your store’s identity, helping a browser to present your store a secure and safe place to shop. SSL protects customer private information and prevents tampering. SSL is also required by law when you are transmitting sensitive information on your web site, for things like credit card and personal information. It is possible for every piece of data to be seen by others unless it is secured using an SSL certificate.

What does it do?

An SSL certificate is a digital key that both proves your identity and can be used to lock (or encrypt) traffic between your website and your customers’ web browsers. When installed on a web server, it activates the padlock and allows secure connections.

SSL Certificates contain:

  1. A domain name (your store’s URL).
  2. Your organization details (your company name and location).

How can I install one?

LemonStand Cloud provides a built-in SSL certificate for your store if you use the LemonStand domain, or lets you install a custom SSL certificate if you’re using a custom domain name. Read our tutorial for detailed instructions on how to install an SSL certificate for a custom domain.

To install an SSL certificate, you must first set a custom domain name for your store. For instructions on how to setup a custom domain, reference the Using a Custom Domain article.

Generating a CSR

Once you have setup a custom domain, a new link will appear under your store details section in the My Account page area. Once you've logged in, you'll see a link to your store name. Click on your store name, and you'll see a screen similar to that below. There will be a titled Configure SSL for your custom domain (not configured). Click this link.


To install your SSL certificate you will first need to generate a CSR (Certificate Signing Request) file, which is used when you purchase your SSL certificate in the next step.

  • You can generate your CSR using the form provided in the first section of the Configure SSL for your custom domain page. If you already have a CSR or wish to generate it manually, you can skip this step.
  • Once you fill out the fields required, click the Generate CSR File button. This will generate the CSR file and output its content to the page. Copy the content that is generated and then save it as a .CSR file using a text editor. You are now ready to purchase and request your SSL certificate using the provider of your choice.

Purchasing an SSL

There are many different companies that offer SSL certificates. Most SSL certificates are compatible with LemonStand. We recommend 2048-Bit SSL certificates. If the company offers the option, only OpenSSL or Apache certificates are compatible with LemonStand.

Unless you want to use the same certificate for multiple domains, we recommend purchasing a single-domain SSL certificate. We also support Extended Validation SSL certificates, which usually displays your company name in a green bar of the web browser.

When buying an SSL certificate, the provider will ask you for information like your company name, email, and also ask you for the CSR file. You can either upload that CSR file, or copy/paste the contents of the file that was provided when you generated a CSR through LemonStand.

There are many companies that sell SSL certificates, but two that we recommend are:

Install Your SSL Certificate

Once you purchase your SSL Certificate you will be provided with a zip file. Usually, your zip file with contain a .CRT file and a bundle (which may or may not have a .crt extension). You can open these files in a text editor. BEGIN and END is the start and finish of one certificate, like so: 

-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----

These certificates form a "chain," linking your website to a trusted root provider. The chain is comprised of your Primary Certificate, along with Intermediate and Root certificate(s).

Cut and paste the contents of your certificates into the fields provided in step two of the Configure SSL page. There are three fields provided: Primary, Intermediate, and Root. The .CRT file contains your Primary certificate and the bundle contains your both Intermediate and Root certificates.

Sometimes the number of certificates provided by your SSL Certificate Provider will not match the fields on the Configure page. If you only have two certificates, you can place the second in either the Intermediate or Root field. If you have 4 certificates, paste both root certificate files in the 3rd text box.

The Configure SSL page also has a field to provide your private key. This is only necessary if you did not generate a CSR file in step one.