
Free SSL and Stripe Payment Gateway for Woocommerce
Soooo… If you’ve landed here you’ve probably spent the time looking for all sorts of solutions to get stripe to work on your website without an SSL or searching multiple different free SSL solutions. As a small business owner I know SSL and premium plugin costs can be stressfulfor start-ups with small budgets. I am happy to share our solution for a Free SSL on your woocommerce website, with FREE functioning stripe payment gateway – No Coding Needed. Follow the 5 steps below and you will be running in no time! For our example we will be using www.wearATA.com
1. Install and activate all the following FREE plugins
- Woocommerce
- WooCommerce Stripe Gateway by Automattic
- CloudFlare by Ian Pye
- CloudFlare Flexible SSL by iControlWP
2. Register and Set up Stripe
Sign up for a free stripe account here.
Once you have filled out everything from stripe and your account is all set up your going to want to head to the top right corner of the screen click your account name and select account settings. From there navigate to API keys in the modal window and save these keys for later.
3. Link Stripe and WooCommerce
- Head into your wordpress dashboard and find woocommerce > settings on the left hand side.
- From the nav bar on the top select checkout
- Select stripe from the checkout options
- Enable Stripe and make sure you have the following fields filled out. Live Secret Key, Live Publishable Key, Capture: Capture card immediately enabled, Saved Cards: Enable payment via Saved Cards Enabled.
- Hit Save
4. Set up CloudFlare and CloudFlare Settings
Sign up for CloudFlare here and follow their set up procedure. (this will also make your site faster! YAY!) Once you have your CloudFlare set up follow the next steps to make sure its ready for your SSL. (note: the following work with my server set up and should work with yours, if your having trouble you may need to alter some settings
- Crypto Tab – Set the following options SSL: Flexible
- Firewall Tab – Security Level: Medium
- Speed Tab – Auto Minify: All Selected, Rocket Loader: Off (very important)
- Caching Tab – Caching Level: Standard, Cache Expiration: 4 Hours, Always Online: On
- Page Rules – See image… Make sure yourdomain.com/checkout/ has SSL:Flexible, Rocket Loader Off
- Network – Websockets: On, IP Geoloaction: On
- Scrape Shield – Email Address Obfuscation: On, Server-side Excludes: On.
5. Set up Cloudflare Plugin
- In your WordPress backend navigate to settings > Cloudflare on the left hand side bar.
- Input your domain name as it is registered with Cloudflare,
- Input your cloudflare API Key (which can be found in cloudflare under (top right) my settings > API KEY > Global API KEY
- Your cloud flare Email address.
- Turn on HTTPS Protocol Rewriting
DONE!!
You should be all done. Your website should be able to take credit card payments over SSL + Stripe at no additional cost of plugins, or paying your host for an SSL.=
Feel free to leave comments below and we will do our best to answer them in a timely manner.
Lee Ashby
August 4, 2016 at 5:40 amCool, Thanks for the post. I am giving this a go for one of my sites. Startup costs for things like SSL are annoying. I hope it works. Cheers.
Keep up the good work 🙂
Regards, Lee.
Elisa Planellas
August 18, 2016 at 11:00 pmHi,
I followed all the steps but my checkout page still isn’t showing an SSL. Perhaps it takes time for CloudFlare to apply the page rules or get the certificate set up. Is there a way to add the CloudFlare Free SSL to WordPress manually? If so, would that speed up the process? I get the feeling that I’m missing something, but maybe that’s just paranoia setting in…
John Zell
September 21, 2016 at 5:58 pmI think you can use your cloudflare to SSL the entire site manually, without these options. Maybe I’ll do that on a future build. Right now this is working for the purposes we needed. We have a new e commerce concept coming out soon we can try this on. It may take some time to SSL to show on checkout page and get the certificate set up, I would also make sure your page rules are correct in cloud flare and that you are forcing SSL on checkout with woocommerce.
Thanks!
jason
September 14, 2016 at 5:33 pmGreat article, worked for me.
Until I saw a validation error saying new Stripe accounts require TLS 1.2, which is $200 pm with Cloudflare.
I’m thinking I’m gonna need to get something like letsencrypt 🙁
John Zell
September 21, 2016 at 5:56 pmI’m using the pop up stripe gateway and haven’t seemed to have a problem yet. Let me know what works for you. I have heard good things about letsencrypt, but I like the cloudflare brand personally.
R. Has
September 20, 2016 at 9:11 amTrying to get this set up.. but I’m stalling on the CloudFlare setup. My setup menu does NOT look like that, and doesn’t have an option for HTTPS protocol rewriting.
I’m curious whether you have the right plugin linked, as the CloudFlare plugin you’re linked to is not authored by Ian Pye.
John Zell
September 21, 2016 at 5:55 pmThe plugin is linked correctly, this could have been set up on an old release of the software, but it is still working properly on our test site. Were running Version 1.3.24. Let me know if you’re still having problems and I’ll see what I can do.
Update: I updated the plugin, and you are correct, the author has changed. But the core functionality still works. You should be able to achieve your SSL with the same settings without the option you mentioned.
Graham Ferguson
September 29, 2016 at 8:12 amHi, How does this work if Cloudflare is set up via the host (Siteground) and I am using a free LetsEncrypt SSL?
John Zell
September 29, 2016 at 3:53 pmI have not tried this exact configuration. I would imagine it would take some tweaking compared to the setup we have now, but i’m sure it’s possible. If you want to work on it together just let me know
Dc Liao
October 2, 2016 at 9:34 pmI am not using wordpress, will this work on my website?
John Zell
October 3, 2016 at 2:43 pmAre you attempting to use stripe in conjunction with cloudflare or are you just trying to see if cloudflare ssl will work without wordpress in general. I have not tried a stripe/cloudflare setup without wordpress but i’m sure it would work… And cloudflare ssl on its own WILL work. Let me know if you have any other questions.
dan
October 5, 2016 at 5:52 amHi how long does it usually take to become active if you are changing over nameservers in orders to use the ssl
John Zell
December 6, 2016 at 4:47 pm24 hours max. Usually a lot faster
Mike
December 10, 2016 at 1:47 pmThis worked perfectly for me. Thanks for the tip! I was about to purchase a 2-year SSL cert from GoDaddy for $100. I really like Cloudflare.
Only thing I would suggest is to also check the box that says “Force HTTP when leaving the checkout”. That keeps the rest of the site at HTTP and just the checkout pages at HTTPS.
John Zell
February 24, 2017 at 6:35 pmGreat suggesting! I have this install running on multiple sites! Cloudflare is a wonder!
Michael Frethy
December 10, 2016 at 7:42 pmGenius. This is exactly what I was looking for. And thanks for introducing me to all that Cloudflare has to offer as well.
John Zell
February 24, 2017 at 6:35 pmCloudflare is a beautiful thing! Glad this worked for you!
Håkon
December 14, 2016 at 2:29 pmAmazing. Worked like a charm! It was all set up in about 10 minutes. Thanks man! 🙂
John Zell
February 24, 2017 at 6:34 pmGlad it worked for you!
Stephen Leung
December 31, 2016 at 2:10 amHey John thanks for the post!
I’m at the last step, and as you know the settings screen changed.
Do I need to turn on “Automatic HTTPS Rewrites”?
John Zell
February 24, 2017 at 6:34 pmTest it with both, one will work one will not.
Let me know if you have any trouble!
irene
January 24, 2017 at 6:47 pmHey!
With this do you also get the green lock on the website bar?
Irene
John Zell
February 24, 2017 at 6:34 pmIrene,
Sorry for the delay! Yes you will get the green secure lock with this method!
Best,
John
Dan
February 26, 2017 at 2:44 pmHi John, I’ve implemented your solution, but when I submit the Stripe payment, it completes ok, but the email received states the payment failed? Is this an SSL issue? I’ve forced the secure checkout in the woocommerce settings, the SSL cert is active according to Cloudfare and I’ve tried tweaking their settings but it still won’t take the payment. My Stripe account all looks ok, I’ve used their keys etc.
I’m struggling to see where I’m going wrong! The only thing I’m not quite understanding is how the free cert works when it’s not applied by my hosting provider? (123-reg.co.uk).
Any advice you can give would be hugely appreciated – I’m almost there! Thanks, Dan.
BobbuBrowne
April 28, 2017 at 6:30 amHello! Cool post, amazing!!!
josh
May 31, 2017 at 3:21 amHi I already have my site with SSL certificate provided by instantssl. Are there chances of putting up these plugins there?
Nicolas Mahy
June 8, 2017 at 12:39 pmHi John,
Thanks for the information, very useful!
However, I think that woocommerce nowadays is only compatible with dedicated ssl certificates, so shared ones will not work.
Kind regards,
Nicolas Mahy