Drupal: Using a shared SSL certificate on Hostgator

Blog post of June 28, 2011.

There’s a private Drupal site I use as a personal information manager (PIM). It contains summaries of articles, useful links, usernames and passwords for development sites, and lots of other stuff. I’m the only person who uses the PIM.

The PIM runs on a shared hosting account from Hostgator. I’ve been using Hostgator for many years. It’s the best of several hosting companies I’ve tried. The prices are good, and the customer service is excellent.

You can get a Hostgator account by clicking here:

Buy hosting

If you buy hosting using this link, CoreDogs gets a referral fee.

I wanted to use SSL for the PIM. Hostgator has an SSL certificate they let customers use for free. There’s a catch: you have to use Hostgator’s domain name, that is, hostgator.com. Certificates are bound to domains, so the restriction makes sense.

Here’s what I did to get it to work.

Find out the secure URL

You don’t need to do anything to use the shared SSL certificate. Just use the right URL, and it will be invoked automatically.

This article tells you the URL to use. It’s based on:

  • Your server
  • Your Hostgator username
  • The directory your site is in

Hostgator has many servers. They put your files on one of them, and tell you want it is. You can find the name in the lower left of your cPanel page. It will be something like gator666.

Your Hostgator username is the one you use to log in to cPanel. E.g., jsmith.

What about the directory? Your username is really the name of a Unix account on the server. In Unix, each account has a home directory. Inside this directory is a directory called public_html, and your sites are under that.

I have my PIM site in the directory ~/public_html/pim. ~ is Unix-speak for “the current user’s home directory.”

The secure URL to your Web root would be something like:


If your PIM site is in ~/public_html/pim, the path to your PIM would be:


To sum up: There is already an SSL certificate on your server, ready to go. You just need to use the right URLs to refer to your existing files, and they’ll be encrypted. W00f!

Turn off Drupal’s clean URLs

When I tried this, the path worked, but I couldn’t get beyond the first page, the one at my version of:


Drupal uses clean URLs to pass data around. This is great for public sites. It makes URLs clean and SEO friendly. But the clean URLs mess with the strange URLs you must use when you use Hostgator’s shared certificate.

The solution? Turn off clean URLs. Look under Configuration in Drupal’s admin menu.

Add $base_url to settings.php

The site will now work, except for one problem. Let’s say you’re looking at the page https://.../a, and you click a link to /b. Sometimes, Drupal will jump to http://.../b (s is missing in https).

Why? I don’t know. But I do know how to fix it.

Edit settings.php, in sites/default/. Add a line like this:

$base_url = 'https://gator666.hostgator.com/~jsmith666/pim';

User your server name, user name, and directory, of course.

Drupal will use the value of $base_url as the left-hand part of the URLs. It contains https, not http.

All done!

Let me know if there are errors here. It works for me, but I’m not a server samurai.

Blog list


How to...