Shopify provides SSL certificates to your store after your custom domain has been properly added. To improve security, SSL certificates encrypt your store's content and publish it securely using HTTPS instead of HTTP.
For example, if your store's URL is
http://www.example.com, it will be updated to
https://www.example.com after Shopify issues SSL certificates. Customers who use the original URL will be redirected to the encrypted online store.
When you add your custom domain, a new SSL certificate is automatically created. This process can take up to 48 hours. During that time, you might see an error that reads SSL Unavailable in your Shopify admin and you might see a security error in your browser when you visit your online store. Learn more about the SSL Unavailable error and steps you can follow to troubleshoot it.
Having SSL certificates on your online store lets you:
- add a new layer of security to your online store by using HTTPS instead of HTTP
- build customer trust by displaying the SSL padlock icon beside your online store's URL:
If your online store displays content (including images, videos, or webfonts) that's hosted somewhere other than Shopify, then you can verify it on the Domains settings page in your Shopify admin to make sure it doesn't invalidate your SSL certificate.
Best practices for SSL content
You can take the following actions to make sure your store's online content stays secure:
- Host all of your online store's content on Shopify or a server that publishes over HTTPS (learn about uploading files to your Shopify admin).
- Host your video content on a service that publishes over HTTPS.
- When using webfonts, make sure they're published over HTTPS from their source.
- Don't use CAA (Certification Authority Authorization) records. If CAA records are required, the following Certificate Authorities must be added to each CAA record: - letsencrypt.org
HTTP Strict Transport Security (HSTS) is a mechanism that forces browsers to access a website with an HTTPS connection only. Using a secure connection in this way prevents certain kinds of network attacks, which helps ensure the safety of your information and your customers' information.
An HSTS policy can be set on a domain for a fixed length of time. Shopify's default length is 90 days.
If you remove a domain or leave Shopify entirely, then this policy will remain in effect on the domain for a further three months, but you won't need to take any additional steps as long as you move the domain to another platform that uses HTTPS.
If you move the domain to a platform that doesn't use HTTPS, then for the next three months after removing the domain from Shopify, anyone attempting to access the site will see an error message in their browser that says the site is not trusted or the certificate is not valid.
If you have additional questions, then contact Shopify Support.
도메인 사이트 맵 업데이트
You can manually update your domain's sitemap and notify search engines immediately when your storefront URLs change from HTTP to HTTPS.
Activating SSL certificates for your domain can temporarily affect your website's organic traffic. If you're using webmaster tools to manage your website (like Google Search Console account), then you can manually update your domain's sitemap and notify search engines immediately when your storefront URLs change from
이 프로세스는 사용하는 웹 마스터 툴에 따라 달라집니다.
Google Search Console
- Log in to your Google Search Console account.
HTTPS://접두사를 포함하여 도메인을 입력하고 속성 추가를 클릭합니다.
- SSL을 사용하여 암호화된 도메인의 이름을 클릭합니다.
- 크롤링, 사이트 맵을 차례로 클릭합니다.
- 사이트 맵 추가/테스트를 클릭합니다.
- 도메인의 새
- 도메인 프로필에서 도메인의
HTTP사이트 맵을 제거합니다.