SSL Certificates with Laravel Forge

HTTPS is no longer optional for modern web applications. Fortunately, Laravel Forge makes obtaining and managing SSL certificates incredibly straightforward.

Why SSL Matters

SSL certificates encrypt the connection between your users and your server, protecting sensitive data. Modern browsers also penalize sites without HTTPS, and many APIs require it.

Let’s Encrypt with Forge

The easiest way to get an SSL certificate is through Let’s Encrypt, which provides free SSL certificates that auto-renew.

Setting Up Let’s Encrypt

  1. Navigate to your site in Forge
  2. Go to the “SSL” tab
  3. Click “Let’s Encrypt”
  4. Enter your domain names (including www if needed)
  5. Check “Activate” to immediately enable the certificate
  6. Click “Obtain Certificate”

Forge will:

  • Request the certificate from Let’s Encrypt
  • Install it on your server
  • Configure Nginx to use HTTPS
  • Set up automatic renewal

The entire process takes about 30 seconds.

Custom SSL Certificates

If you have a commercial SSL certificate or use a different provider:

  1. Go to your site’s SSL tab
  2. Click “Install Existing Certificate”
  3. Paste your certificate, private key, and certificate chain
  4. Click “Install Certificate”

Forcing HTTPS

After installing your SSL certificate, you’ll want to force all traffic to use HTTPS:

In your Laravel application’s AppServiceProvider:

use Illuminate\Support\Facades\URL;

public function boot()
{
    if ($this->app->environment('production')) {
        URL::forceScheme('https');
    }
}

Or use Forge’s built-in redirect by editing your site’s Nginx configuration.

Auto-Renewal

Let’s Encrypt certificates expire every 90 days, but Forge automatically renews them for you. You can see the renewal status and next renewal date in the SSL tab.

Multiple Domains

Need to secure multiple domains with one certificate?

yourdomain.com
www.yourdomain.com

Just add them when requesting the certificate. Let’s Encrypt supports up to 100 domains per certificate.

Troubleshooting

Common issues and solutions:

Domain not pointing to server: Ensure your DNS records point to your server’s IP address before requesting a certificate.

Certificate not activating: Check your site’s Nginx configuration for conflicts.

Renewal failing: Usually means your domain is no longer pointing to the server or there’s a firewall blocking Let’s Encrypt’s verification.

Best Practices

  • Always use HTTPS in production
  • Include both apex and www domains in your certificate
  • Monitor certificate expiration dates
  • Test your SSL configuration with SSL Labs

Forge makes SSL certificates so easy there’s no reason not to use them for every site.