After you select a Shopify plan and remove the password from your online store, you can activate SSL certificates in your Shopify admin to encrypt your online store's content and publish it securely using HTTPS instead of HTTP. For example, if your store's URL is, it will be updated to after you activate SSL certificates. Customers who use the original URL will be redirected to the encrypted online store.

Having SSL certificates on your online store lets you:

  • add a new layer of security—256-bit encryption—to your online store by using HTTPS instead of HTTP
  • build customer trust by displaying the SSL padlock icon beside your online store's URL:
Ssl padlock icon

If your online store displays content (including images, videos, or webfonts) that's hosted somewhere other than Shopify, then you can verify it on the Domains settings page in your Shopify admin to make sure it doesn't invalidate your online store's SSL certificate.


SSL certificates are activated by default in Shopify for your store's checkout, and for any content that's hosted on your domain.

Best practices for SSL content

There are a few things you can do to make sure your online store's content stays secure:

  • host all of your online store's content on Shopify or a server that publishes over HTTPS (learn about uploading files to your Shopify admin)
  • host your video content on a service that publishes over HTTPS
  • if you're using webfonts, make sure they're published over HTTPS from their source.

Want to discuss this page?

Visit the Shopify Community

Ready to start selling online with Shopify?

Try it free