The “SSL Seal Code” admin setting allows you to display information related to your site’s security on the Membership Checkout page. It provides users with a way to validate your site’s SSL Certificate or relationship with other security partners for increased peace of mind when using your checkout forms.

This post covers how to add content to that field to display alongside the “Payment Information” section of Membership Checkout.

Note: This field is NOT for the actual SSL certificate, which must be installed on your web server either by your web hosting company or yourself. Read more about SSL and Paid Memberships Pro »

Using Your SSL Provider’s “Seal Code”

Most SSL Providers offer an image-based or JavaScript-based link that you can display on your site. When a visitor clicks this link, they will see a popup or be taken to an external page that shows specific security information about your website.

If the code provided by your SSL issuer is basic HTML (a link and image tag), you can simply copy place this code directly into the “SSL Seal Code” field on the Memberships > Payment Gateway & SSL” admin page.

If the code provided by your SSL issuer includes the script, you must use custom code to display the seal. Allowing text fields in the WordPress admin to accept script tags exposes your site to security vulnerabilities, including cross-site scripting attacks.

Below is an example method to insert an SSL Seal provided by AlphaSSL:

Where to Find Your SSL Provider’s Seal Code

Here are links to the top SSL providers used by Paid Memberships Pro members. The page will have a block of code, either an image and link or a block of JavaScript, that you can use on your site using the appropriate method outlined above.

ssl_who_is_my_issuerDon’t know who your SSL issuer is?

If you don’t know who your SSL provider is, go to your website and click the “lock” icon in the browser’s URL field. This should give you the name of the issuer.

Other banners and verification images

Depending on your gateway, you may want to include other “powered by” or “verified” type badges, such as a PayPal or Stripe logo. We use Stripe as our payment gateway, so I also recently added a “powered by stripe” image to that page.

Here are some links to verified and banner images for various gateways and third party security providers:

You must embed these badges using a relative URL or the https protocol if you upload them to your site’s media library. If you don’t, you’ll be loading insecure content through an insecure connection (no green padlock!).

Again, note that if the provided “verified” banner or image is loaded via the script tag, you must use the custom code as outlined above to display the content. Allowing text fields in the WordPress admin to accept script tags exposes your site to security vulnerabilities, including cross-site scripting attacks.

A note about “shared” or “free” SSLs

You cannot use a shared SSL on your Paid Memberships Pro-powered website. Additionally, if you have a network site where the URL structure uses subdomains (i.e. and, you must either install a unique SSL for each subdomain or purchase a Wildcard SSL to cover all subdomains.

Continue reading about SSL: How to Install Your SSL Certificate and Configuring WordPress to Always Use HTTPS/SSL

Comments (14)

I put the Comodo Javascript into the functions.php file as directed and it doesn’t show up on the checkout page. I even uploaded the image to my server and pasted the image url in the seal code section and only the script shows on the page. Please help.

If the script is in place and looks correct but is not showing there may be an issue with the SSL on your site. We’d be able to take a look at how you have the customization code as part of Plus membership here, but I would also advise you confirm with your host that the SSL is working properly. You can also try deleting the page cache on the Checkout page and, if this works, be sure to add a rule to your caching plugin not to cache your checkout page.

Re: shared SSL…I have ‘Let’s Encrypt’ certificates installed on my site. Can I not use those with PMP?

Is the SSL Seal Code field required?


@atfpodcast You can just buy the ssl cert at Namecheap, no need to move your domain there (when I say “move” I mean changing domain registrars, not hosting). Just trying to save you money.

Namecheap offers PositiveSSL certs for $1 for the first year ($9 a year after that) with domain registration. Worth moving your domain to them if you need a cheap cert.

Leave a Reply

For faster support related to issues on your specific site please open a ticket in our members support area.

Your email address will not be published. Required fields are marked *