{"id":10895,"date":"2026-06-09T18:45:04","date_gmt":"2026-06-09T18:45:04","guid":{"rendered":"https:\/\/kelma.io\/knowledge-base\/requesting-an-ssl-certificate\/"},"modified":"2026-06-09T19:43:38","modified_gmt":"2026-06-09T19:43:38","slug":"requesting-an-ssl-certificate","status":"publish","type":"post","link":"https:\/\/kelma.io\/ar\/knowledge-base\/requesting-an-ssl-certificate\/","title":{"rendered":"\u0637\u0644\u0628 \u0634\u0647\u0627\u062f\u0629 SSL"},"content":{"rendered":"<p class=\"wp-block-paragraph\">HTTPS is no longer optional \u2014 browsers warn visitors away from sites without it, and search engines favour secure pages. The good news: on Kelma, SSL is free, automatic, and self-renewing. This guide explains how certificates are issued, how to request one manually, and what to do if issuance fails.<\/p>\n\n<h2 class=\"wp-block-heading\">Automatic by default<\/h2>\n<p class=\"wp-block-paragraph\">When you attach a domain and it points to Kelma, we automatically request a certificate from a trusted authority and install it. It renews itself well before expiry, so you never have to think about it again. Most sites are fully secured within minutes of the domain resolving.<\/p>\n\n<h2 class=\"wp-block-heading\">Request a certificate manually<\/h2>\n<ol class=\"wp-block-list\"><li>Open your site and go to the <strong>SSL<\/strong> .<\/li><li>Select the domain (and any aliases) you want to secure.<\/li><li>\u0627\u0636\u063a\u0637 \u0639\u0644\u0649 <strong>Request Certificate<\/strong>. Kelma validates the domain and installs the certificate automatically.<\/li><li>Once active, your site is served over <code>https:\/\/<\/code> with a valid padlock.<\/li><\/ol>\n\n<div class=\"kb-callout tip\"><strong>Tip:<\/strong> Secure the <code>www<\/code> and non-<code>www<\/code> versions together so visitors get a valid padlock no matter which they type.<\/div>\n\n<h2 class=\"wp-block-heading\">Force HTTPS in WordPress<\/h2>\n<p class=\"wp-block-paragraph\">After the certificate is active, make sure WordPress serves everything over HTTPS. Set both the <em>WordPress Address<\/em> \u0648 <em>Site Address<\/em> in <em>Settings \u2192 General<\/em> to the <code>https:\/\/<\/code> version of your primary domain. This prevents mixed-content warnings where the page is secure but an image or script still loads over <code>http<\/code>.<\/p>\n\n<h2 class=\"wp-block-heading\">If issuance fails<\/h2>\n<p class=\"wp-block-paragraph\">Certificate authorities have to verify that you control the domain. If a request fails, it is almost always one of these:<\/p>\n<figure class=\"wp-block-table\"><table><thead><tr><th>Cause<\/th><th>Fix<\/th><\/tr><\/thead><tbody><tr><td>DNS not pointing to Kelma yet<\/td><td>Add the CNAME\/A record and wait for propagation<\/td><\/tr><tr><td>Domain still on another host<\/td><td>Move the DNS, then re-request<\/td><\/tr><tr><td>A conflicting CAA record<\/td><td>Allow the issuing authority in your CAA record<\/td><\/tr><tr><td>A stale proxy\/redirect<\/td><td>Disable any external proxy during validation<\/td><\/tr><\/tbody><\/table><\/figure>\n\n<div class=\"kb-callout note\"><strong>Still stuck?<\/strong> Open live chat from the panel. Our engineers can see the exact validation error and usually fix it in a couple of minutes.<\/div>\n\n<h2 class=\"wp-block-heading\">Fixing the not secure warning<\/h2>\n<p class=\"wp-block-paragraph\">Sometimes a certificate is installed correctly but the browser still shows a <em>Not secure<\/em> warning. This is almost always <strong>mixed content<\/strong> \u2014 the page itself loads over HTTPS, but it pulls an image, script, or stylesheet from an old <code>http<\/code> URL. To fix it:<\/p>\n<ol class=\"wp-block-list\"><li>Set both the <em>WordPress Address<\/em> \u0648 <em>Site Address<\/em> in <em>Settings \u2192 General<\/em> to the <code>https:\/\/<\/code> version of your domain.<\/li><li>Update any theme or widget links that are hard-coded to <code>http<\/code>.<\/li><li>For older sites, run a search-and-replace across the database to swap <code>http:\/\/<\/code> for <code>https:\/\/<\/code> on your own domain.<\/li><\/ol>\n\n<h2 class=\"wp-block-heading\">\u0627\u0644\u0623\u0633\u0626\u0644\u0629 \u0627\u0644\u0634\u0627\u0626\u0639\u0629<\/h2>\n<h3 class=\"wp-block-heading\">Does SSL cost anything?<\/h3>\n<p class=\"wp-block-paragraph\">No. Certificates are free for every domain on your site, and they renew automatically \u2014 there is nothing to buy and nothing to reinstall.<\/p>\n<h3 class=\"wp-block-heading\">How long does a certificate take to issue?<\/h3>\n<p class=\"wp-block-paragraph\">Usually a minute or two once the domain points to Kelma. If it takes longer, a DNS record is almost certainly still propagating.<\/p>\n<h3 class=\"wp-block-heading\">Do I need to renew it myself?<\/h3>\n<p class=\"wp-block-paragraph\">Never. Renewal is fully automatic and happens well before expiry, so your site is always served over a valid certificate.<\/p>\n\n<h2 class=\"wp-block-heading\">In short<\/h2>\n<p class=\"wp-block-paragraph\">SSL is free, automatic, and self-renewing on every Kelma site \u2014 you rarely have to think about it at all. When you do need to act, it is usually one of two things: requesting a certificate for a newly attached domain from the SSL tab, or clearing a <em>Not secure<\/em> warning caused by mixed content. Point your domain at Kelma, force HTTPS in your WordPress settings, and your visitors get the padlock they expect on every page. Because issuance and renewal are handled for you, HTTPS becomes something you set up once and never have to revisit \u2014 no expiry dates to track, no manual reinstalls, and no surprise lapses that would scare visitors away.<\/p>\n\n<h2 class=\"wp-block-heading\">Where to go next<\/h2><div class=\"kb-next\"><a href=\"https:\/\/kelma.io\/ar\/knowledge-base\/adding-a-domain-and-setting-the-primary-domain\/\"><b>Add a domain<\/b><span>Attach domains before securing them.<\/span><\/a><a href=\"https:\/\/kelma.io\/ar\/knowledge-base\/creating-redirects\/\"><b>Create redirects<\/b><span>Force www, non-www, or old URLs.<\/span><\/a><\/div>","protected":false},"excerpt":{"rendered":"<p>\u0623\u0645\u0651\u0646 \u0645\u0648\u0642\u0639\u0643 \u0628\u0634\u0647\u0627\u062f\u0629 HTTPS \u0645\u062c\u0627\u0646\u064a\u0629 \u0630\u0627\u062a\u064a\u0629 \u0627\u0644\u062a\u062c\u062f\u064a\u062f \u2014 \u0648\u0639\u0627\u0644\u062c \u0627\u0644\u0623\u0645\u0648\u0631 \u0627\u0644\u0642\u0644\u064a\u0644\u0629 \u0627\u0644\u062a\u064a \u0642\u062f \u062a\u0639\u064a\u0642 \u0625\u0635\u062f\u0627\u0631\u0647\u0627 \u0623\u062d\u064a\u0627\u0646\u064b\u0627.<\/p>","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[49,56],"tags":[],"class_list":["post-10895","post","type-post","status-publish","format-standard","hentry","category-knowledge-base","category-kelma-dashboard"],"_links":{"self":[{"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/posts\/10895","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/comments?post=10895"}],"version-history":[{"count":4,"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/posts\/10895\/revisions"}],"predecessor-version":[{"id":10920,"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/posts\/10895\/revisions\/10920"}],"wp:attachment":[{"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/media?parent=10895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/categories?post=10895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kelma.io\/ar\/wp-json\/wp\/v2\/tags?post=10895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}