OJS site and security certificate

When I access our journal I get warning by Chrome that this site is not secure with bunch of info. This will affect indexing of our journal. How can we avoid this please? Is this a server domain setting or OJS installation? Do we need any specific security certificate please?

Please open in chrome and see at the corner of URL bar


Chrome will now flag any password prompts which allow for unsecured transmission of credentials, such as the user login for your journal.

To resolve this, you need to install an SSL certificate to enable trusted HTTPS connections to your site. You can then turn on the config.inc.php directive “force_login_ssl”.

Where do I install this certificate, on our server you mean?

I see that my server offer this


Personally we use: https://letsencrypt.org/
It is free.

Yes, any SSL certificate which is trusted by browsers will work, whether purchased or provided courtesy of your hosting provider, purchased elsewhere, or supplied from a service such as letsencrypt. Some hosting providers may restrict options of what source(s) of certificates you can use.

The SSL certificate will be installed at the server level, so assistance from a system administrator or hosting provider may be required.

1 Like


we have multiple journals hosted on same instance of ojs and domain for each particular journal we are redirecting through .htaccess

journal1 : abc.com
journall2 : xyz.com

let us know how to apply SSL certificates individually for each journal website in this scenario.

webserver : apache2

Have a look at the dehydrated ACME client for installing LetsEncrypt certificates: GitHub - dehydrated-io/dehydrated: letsencrypt/acme client implemented as a shell-script – just add water . Super easy.