How to Get an SSL Certificate in 8 Simple Steps
Our independent research projects and impartial reviews are funded in part by affiliate commissions, at no extra cost to our readers. Learn more
Before your website can turn visitors into loyal readers, leads, or customers, it has to look professional, secure, and credible. With this goal in mind, one of the best ways to secure your website is to obtain an SSL (Secure Sockets Layer) certificate.
An SSL certificate is a piece of code on your web server that creates an encrypted connection, which keeps any data submitted by your website users safe and secure. In fact, if you don’t have an SSL certificate, popular web browsers will alert people who visit your website that the website is not secure.
In this article, we’ll discuss how to acquire an SSL certificate, keeping everything as simple and as jargon-free as possible – promise!
1. Have the Correct Website Information
SSL certificates are issued by an entity known as a Certificate Authority (CA). The process of acquiring any website security certificate can be really easy, especially if you’re prepared in advance with the right information required by the CA. This information includes:
A Unique IP Address
Based on how SSL protocol works, each certificate you want to obtain will require a separate IP address. Otherwise, people using certain older devices and web browsers will not be able to use your website. You can use this tool to find out your website’s IP address.
An Accurate WHOIS Record
When you request an SSL certificate for a domain, the certificate authority will need to verify that you own the domain name. To do that, it will check the domain’s WHOIS record.
You can use a domain lookup tool to check your WHOIS record. If the information you find is obsolete, make sure to update it!
Business/Organization Validation
If you are requesting a high-assurance certificate, the certificate authority may check government databases to validate your business. In addition, the CA may also ask you to provide the government registration document associated with your business.
2. Decide Which SSL Certificate You Need
There are many different types of SSL certificates, and they can be categorized based on:
- Validation level: Domain Validation, Organization Validation, and Extended Validation
- Secured Domains: Single Domain, Wildcard, and Multi-Domain
Let’s look at a brief overview of each type:
Domain Validation: This is the cheapest and lowest level of validation, which just makes sure that your company has control over the domain. It’s best suited for small businesses that generally don’t exchange any information with users.
Organization Validation: This is the medium level of validation. It checks not only domain ownership, but also details of the organization, such as name and location. This level is ideal for business websites with forms and lead-capturing features.
Extended Validation: This is the most expensive and thorough level of validation. As well as domain ownership and organization details, it verifies the company’s physical location and legal existence. It’s a good fit for websites that handle sensitive information, such as financial transactions.
Single Domain: Provides protection for a single subdomain. An SSL certificate purchased for johndoe.com, for instance, cannot be used for subdomains, such as blog.johndoe.com
Wildcard: Offers protection for unlimited subdomains of a single domain. For example, an SSL certificate purchased for johndoe.com can be applied to any subdomains, such as blog.johndoe.com or shop.johndoe.com.
Multi-Domain: Provides protection for up to 100 domains with a single SSL certificate. An SSL certificate purchased for johndoe.com, for example, can be applied to other domains, such as janedoe.com.
Which type of SSL is right for you will depend on several factors and your unique business position.
For example, a single page website for a local coffee shop that’s used to communicate simple information such as their location and opening times would likely only require Domain Validation. This is especially true if they aren’t collecting or using any visitor data or information.
On the other hand, an ecommerce website that requires visitors to input information such as personal addresses and credit card details, would need to demonstrate a higher level of security and trust with an Extended Validation. In contrast to the last example, an ecommerce store may collect customer data for use in marketing campaigns, making it better suited for Extended Validation.
Whether your website is best suited to a single, wildcard or multi-domain SSL will depend on its structure. For example, the single page cafe website wouldn’t need anything beyond a single domain. On the other hand, the ecommerce store is likely to have multiple product pages, category pages, and blog – making a wildcard or multi-domain SSL much more suitable.
It’s also important to consider cost. SSL certificate costs vary depending on the type you choose, so make sure you can afford the SSL certificate you want to install.
3. Choose a Certificate Authority
A Certificate Authority (CA) is an entity that issues SSL certificates. There are dozens of CAs operating around the world, but only a few of them own the majority of the global SSL market share. These bigger players include GoDaddy and GlobalSign.
Image Source: About SSL
You want to pick a reputable CA that can provide the type of SSL certificate you need, while also aligning with your budget and business objectives.
4. Generate a Certificate Signing Request (CSR)
Acertificate signing request(CSR) is a file to be generated on your web server before you request an SSL certificate from a CA. The CA will then use the information in this file to issue your SSL certificate.
The process of generating a CSR depends on the web server and hosting that your website is using. We’d recommend contacting your web host to find out if they have instructions in their knowledge base about generating a CSR.
5. Submit the CSR to Your Certificate Authority
Now that you’ve generated a CSR, the next step is to head over to the website of the CA you picked, and purchase the type of SSL certificate you’ll need.
After completing the checkout process, the CA will ask you to submit the CSR file you generated in the previous step.
6. Await Validation by Your Certificate Authority
Depending on the type of SSL certificate you purchase, the CA can take anywhere between a couple hours and a few days to validate your details, and issue your site’s SSL certificate.
For example, obtaining a domain validation certificate typically takes a couple of minutes, while an extended validation can take a few days.
7. Install Your SSL Certificate
Once the CA has processed your SSL certificate request, it will send you an email allowing you to access your SSL certificate. Alternatively, you can download it from the user account you created when purchasing the certificate.
The process of installing an SSL certificate depends on the OS (operating system) of the web server on which your site is hosted. Contact your web host for more info about this, or check if it has provided any online instructions on how to install your SSL certificate.
8. Test and Maintain Your SSL Certificate
Great, so you now have your SSL certificate installed. The hard work is done. But it isn’t over.
Best practice dictates that website owners should test their SSL certificate and create a schedule for maintenance. This will help provide you with peace of mind and ensure that your certificate doesn’t go wrong or run out without you knowing.
The first step is test your SSL. This can be done using SSL verification tools such as Digicert or SSL Shopper. These tools will provide you with essential information such as whether all the pages on your website are loading securely.
Next, you should create a schedule (and set a reminder) to regularly monitor your SSL certificate expiration and renewal dates. Typically an SSL will last 13 months, but you need to check the specific details of your certificate to ensure you do not miss the expiry.
It is best practice to renew your SSL certificate and update its installation on your website or server before it expires. This can save a lot of hassle and ensure there is no period where your site does not have an SSL.
Can I Get a Free SSL Certificate?
Yes, you can. Most of the top hosting providers, including Bluehost, HostGator, and InMotion, provide you with a free SSL certificate as part of your hosting package.
Case in point: Bluehost. When you sign up for a hosting account with Bluehost, you’ll find a Let’s Encrypt SSL automatically included in your package. To activate your SSL certificate, simply:
- Go to your Bluehost control panel
- Navigate to My Sites > Manage Site
3. Under the Security tab, toggle on the SSL certificate switch
That’s all it takes! Once you’ve turned on the SSL switch, it can take a few hours to activate, so don’t worry if it doesn’t happen instantly.
Find Out More
- We rank the Best Free SSL Hosting Providers to match you with the right host for your needs.
How to Get an SSL Certificate: Summary
As we discussed, obtaining an SSL certificate involves the following steps:
- Ensure you have the correct website information
- Decide the type of SSL certificate you need
- Choose a Certificate Authority (CA)
- Generate a Certificate Signing Request (CSR)
- Submit the CSR to a Certificate Authority (CA)
- Await validation by the CA
- Install your SSL certificate
- Test and maintain your SSL certificate
An SSL certificate goes a long way towards providing a great user experience, boosting SEO, and helping your business align with industry standards. So go ahead and put these steps into action – and good luck!
8 comments