Ensuring your website is secure with SSL is crucial for protecting sensitive data and maintaining user trust. This article provides a comprehensive guide on how to use SSL with Ezoic, covering different integration methods including name server and Cloudflare. Whether you have a pre-existing SSL certificate or need to set one up, this guide will offer step-by-step instructions to help you configure your SSL settings correctly. By following this guide, you can ensure that your site remains securely accessible through HTTPS, delivering a safe browsing experience for your users.

1. Name server integration for publishers with a pre-existing SSL certificate:

In this method, your SSL certificate is uploaded onto your site’s server. When the client initiates an HTTPS request, Ezoic uses the SSL certificate and decrypts the request. Ezoic then makes a call using HTTPS to your origin server to get the site contents, optimizes the page, and then returns the contents to the user. 

1. Ensure your site is integrated with Ezoic using Ezoic name servers.
2. Verify that your site has a valid SSL certificate on the server.
3. Enable the SSL App within Ezoic’s dashboard (Settings > Privacy > SSL tab > Edit SSL Settings).
   
4. Select the 'Full' option in the SSL settings.
   
5. If there is no automatic redirect to HTTPS at the host server, enable this setting in the Ezoic dashboard. Be cautious to avoid enabling it if there's already an automatic redirect at the host server to prevent site issues.

2. Name Server integration for publishers without a pre-existing SSL certificate:

With this method, the client initiates an HTTPS request, Ezoic has the SSL certificate and is able to decrypt the request. Ezoic then makes a call using HTTP, unencrypted, to your site’s origin server to get the contents. Following this, Ezoic will optimize the page, encrypt the contents, and return this information to the user. 

1. Ensure your site is integrated with Ezoic using Ezoic name servers.
2. Verify that your site does not have a pre-existing SSL certificate on the server.
3. Add your hosts (including any subdomains) in the SSL app to generate Ezoic Certificates.
4. Choose the 'Flexible' option in the SSL settings.
5. Verify that HTTPS is functioning on the site by changing the URL from HTTP to HTTPS. Once verified, you can select to automatically redirect all HTTP requests to HTTPS.
   

3. Cloudflare Integration:

To integrate via Ezoic's CloudFlare app, if you have an SSL provided by CloudFlare you need to make sure the SSL app at Ezoic reflects these settings at Cloudflare, for example, "Strict", "Full", or "Flexible". 

1. Integrate your site with Ezoic via the Cloudflare app using Cloudflare name servers.

• Full:
  1. Ensure your site is using Cloudflare 'Full' or 'Strict' SSL.
  2. Upload your SSL Certificate/Key to Ezoic or install the SSL app in Ezoic’s dashboard.
• Flexible:
  1. Ensure your site is using Cloudflare 'Flexible' SSL.
  2. No action is required in the Ezoic dashboard.
• Strict:
  A publisher with a pre-existing SSL certificate and using CloudFlare may see that their settings are set to strict. This works in the same way that the full setting would, except it means that the origin SSL certificate MUST be valid. The client initiates an HTTPS request; the request goes to Cloudflare first; Cloudflare then decrypts the request and then forwards it to Ezoic as an HTTPS request. Ezoic also has the SSL certificate and decrypts the request. Ezoic then makes a call using HTTPS to the site’s origin server to get the content, optimizes the page, and then returns the content to Cloudflare, which returns this information to the user.
  
  1. Ensure your Cloudflare settings are set to strict.
  2. Verify that your origin SSL certificate is valid (unexpired, issued by a trusted certificate authority, and contains a common name or subject alt name that matches the requested host name).

Please note that Ezoic SSL is incompatible with the JavaScript and WordPress Plugin integration method. Publishers using these methods of integration who are wishing to install an SSL certificate for their domain must do so outside of Ezoic.

Common issues users may encounter during the SSL setup with Ezoic and their solutions are as follows:

1. No Automatic Redirect to HTTPS at the Host Server:
   • Issue: If your host server does not automatically redirect HTTP requests to HTTPS, you may need to enable this setting within Ezoic.
   • Solution: Ensure there is no existing automatic redirect at the host server before enabling it in Ezoic. Enabling it when an automatic redirect exists at the host server can cause site downtime.
2. Invalid SSL Certificate:
   • Issue: An invalid SSL certificate can prevent the site from serving securely. This is necessary for both name server and Cloudflare integrations.
   • Solution: Verify that your SSL certificate is valid, unexpired, and issued by a trusted certificate authority. Ensure it has a common name or subject alternative name that matches the requested host name.
3. Conflicting HTTPS Redirects:
   • Issue: Turning on the HTTPS redirect at both the host server and Ezoic can cause conflicts and potentially bring the site down.
   • Solution: Only enable the HTTPS redirect in one place - either at the host server or within Ezoic, not both.
4. Incorrect SSL Option Selection for Cloudflare Integration:
   • Issue: Choosing the wrong SSL option (e.g., 'Flexible' when 'Strict' is required) can lead to improper encryption handling.
   • Solution: Ensure that the Cloudflare SSL settings ('Full', 'Flexible', or 'Strict') match the SSL settings in the Ezoic dashboard. For 'Strict' SSL, confirm the origin certificate meets all the validity criteria.

By addressing these common issues with the provided solutions, users can ensure a smooth and secure SSL integration with Ezoic.

If you need further assistance with your site's SSL, please log in via https://support.ezoic.com/ to make use of our dedicated resources for support. We're here to help!