TL;DR
Included on all HostBible plans: automatic Domain Validation (DV) SSL certificates for any hostname you host with us (e.g.,
example.com,www.example.com, and additional subdomains you point to our servers).No extra cost and auto‑renewing.
Typical limits: DV only (no organization/extended validation), wildcard not included by default, the domain must resolve to HostBible to issue, and third‑party CDNs/proxies may require extra steps.
Need OV/EV or wildcard? We can help—reach out to support to discuss paid or custom options.
SSL/TLS in plain language
SSL/TLS encrypts traffic between a visitor’s browser and your site so data can’t be read or altered in transit. Browsers signal this with the padlock and https://.
Common certificate types
Type | What it validates | Typical use | Notes |
DV (Domain Validation) | Proves control of the domain | Personal sites, blogs, most marketing sites | Fast, automated, included with HostBible |
OV (Organization Validation) | Domain + your legal organization | Businesses that want company details vetted | Manual paperwork/verification required |
EV (Extended Validation) | Domain + enhanced org checks | Regulated or high‑trust environments | Strictest vetting; browser UI is minimal nowadays |
Wildcard ( | One cert for all first‑level subdomains | Many subdomains (e.g., | Not included by default |
SAN / Multi‑domain | Multiple different hostnames on one cert | Suites of sites/brands | Planning required to list all names up front |
What’s included for free on every HostBible plan
Automatic DV certificates for hostnames that point to and are served by HostBible.
Auto‑renewal handled by our platform—no manual steps when things are configured correctly.
Modern TLS configuration on our edge so visitors get secure connections by default.
What you’ll typically see:
Padlock in the browser and https:// for your site.
Certificates renewing seamlessly without action from you.
What you may still need to do
Point DNS to HostBible.
Certificates can only be issued for hostnames that publicly resolve to our platform.Force HTTPS.
Set up a global 301 redirect from
httptohttps.In CMSs (e.g., WordPress), update the site URL to
https://and clear caches.
Fix mixed content.
Replace any hard‑codedhttp://assets (images, scripts, CSS) withhttps://or protocol‑relative URLs to keep the padlock.If you use a CDN or proxy (e.g., Cloudflare):
Use end‑to‑end encryption (often called Full (strict)).
Ensure the CDN has a valid certificate and the origin (HostBible) does too.
“Flexible” modes terminate TLS only at the CDN and are not fully secure.
Limitations & considerations (the fine print)
DV only is included. OV/EV validation, legal vetting, and company details in the cert are not part of the free offering.
Wildcard certs aren’t included by default. If you need
*.example.com, talk to us about options.Hostname coverage is per name. Each hostname you serve (e.g.,
www.example.com,app.example.com) needs issuance. Add and point new subdomains to HostBible so we can provision them.Domain must be publicly reachable. We can’t issue for private/internal hostnames (e.g.,
.local, staging names behind firewalls) or domains not resolving to our infrastructure.CDNs/proxies may need extra steps. Your CDN and origin each need valid certs to remain end‑to‑end encrypted.
Short certificate lifetimes are normal. Modern CAs issue shorter‑lived certs that our platform renews automatically behind the scenes.
Email hostnames: If you connect mail clients to a custom hostname (e.g.,
mail.example.com), additional configuration may be needed. Using our recommended mail hostnames avoids certificate‑name mismatch warnings.Bring‑your‑own certificate (BYOC): If you require OV/EV or a specific wildcard/multi‑domain arrangement, contact support to discuss installation options and any plan prerequisites.
Recommended best practices
Enable HSTS (HTTP Strict Transport Security) once your site is fully on HTTPS to prevent downgrades.
Keep third‑party embeds secure (analytics, fonts, payment widgets).
Use the Secure and SameSite cookie flags for session cookies.
Periodically audit your pages for mixed content and third‑party script hygiene.
How to check your certificate
Visit your site at
https://yourdomainand click the padlock > Connection is secure (wording varies by browser).Check that all pages (not just the homepage) load over HTTPS with no mixed content warnings.
If you use a CDN, verify both the CDN edge and the origin (HostBible) present valid certs.
Troubleshooting
I don’t see HTTPS or the padlock
Confirm the domain’s A/AAAA or CNAME records point to HostBible.
Remove conflicting proxies or ensure they’re set to end‑to‑end TLS (Full/Strict).
Make sure your app/CMS isn’t forcing
http://or caching old URLs.
Certificate issued for the apex but not a subdomain
Add the subdomain to your HostBible project and point DNS to us; issuance happens per hostname.
Browser says “certificate name mismatch”
You’re likely connecting to a hostname that isn’t on the certificate. Use the exact domain that was issued or add the missing hostname.
E‑commerce/Compliance wants OV/EV
DV meets the encryption bar, but some compliance teams require org‑validated certs. We can help procure/install OV/EV—reach out to support.
FAQs
Is SSL really free on all plans?
Yes, automatic DV SSL certificates are included with every HostBible plan.
Do I need a dedicated IP address?
No. We use SNI (Server Name Indication), supported by all modern browsers.
Does free SSL include wildcard or multi‑domain?
Wildcard is not included by default. Multi‑domain needs planning and may require a custom setup, contact support.
Will this improve SEO?
HTTPS is a best practice and a lightweight ranking signal. More importantly, it protects your users.
Can I use my own certificate?
If you need OV/EV or a particular wildcard/SAN arrangement, contact support and we’ll discuss BYOC options.
Getting help
If you’re stuck—especially with DNS, CDNs/proxies, or mixed content—send us your domain and a brief description of your setup. We’ll review and get you to a clean HTTPS deployment.