Buying an SSL certificate
The first obvious step is to obtain an SSL certificate from a certificate issuing authority. There are several popular certificate issuing authorities like DigiCert, VeriSign, Thawte and GeoTrust from where you can purchase one.Apart from the regular single domain SSL certificate, several other types of certificates like multi-domain or wild card SSL certificates are also available to fulfill your business needs. Buying an SSL certificate is quite easy, so we're going to skip that part. Let's move forward and see how to first integrate (install) it on your web server so that you can use secure SSL connection for your WordPress website.
Installing SSL Certificate on Apache Web Server
Though nowadays web hosts allow SSL on shared IPs that sometimes negatively affect other websites on the server, getting a dedicated IP address for your SSL certificate is always advisable. Also, make sure that mod_ssl security module is installed and active on your Apache web server.Start with generating a CSR to obtain your certificate and the associated keys. Once this step is completed, copy the primary certificate file and the keys within the directory where all SSL certificates and keys are stored on your web server.
Caution: Your certificate and key files should be only readable by root.
The next important step involves editing the httpd.conf file to add or modify existing records associated with the SSL certificate. Make sure you keep a backup of the original file before making any changes to it. Use a normal text editor to edit the file instead of using a rich text editor.Start with adding the following records in the file.
<VirtualHost 127.0.0.1:443>
ServerName www.domain.com
DocumentRoot /path/to/your/document/root/htdocs
SSLEngine ON
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain.com.key
</VirtualHost>
This sample code includes localhost IP address 127.0.0.1 which should be replaced with your web server IP address. If a firewall is active on your web server, it may be possible that 443 port is not open within it to allow inbound or outbound SSL connections. You can confirm it by running the following command.# sudo /sbin/iptables -L
If the port is not opened in the listing, you can ask your web host support staff to add the relevant rules to the firewall. And last but not the least; you need to restart your Apache web server to ensure changes are applied on the server instance. You can do that through the following command.# /etc/init.d/httpd restart
or use the following command...
# /etc/init.d/apache2 restart
After doing all the dirty work, your SSL configuration must be tested to ensure it is installed and working correctly. For that, use this useful SSL Server Test service. Simply punch in the IP address or the domain name associated with your web server to see the report about the SSL configuration.Using SSL with WordPress
And now comes the easy part of using SSL security for your WordPress site. To make things easy, I've handpicked 3 popular plugins to ensure you can start using SSL facility with your WordPress in a few simple steps. Simply install one of them that you find the best for your needs.

