How to Get an SSL Certificate in 8 Simple Steps

Our independent research projects and impartial reviews are funded in part by affiliate commissions, at no extra cost to our readers. Learn more

Task time:
1 - 3 days
Difficulty:
Moderate

Before your website can turn visitors into loyal readers, leads, or customers, it has to look professional, secure, and credible. With this goal in mind, one of the best ways to secure your website is to obtain an SSL (Secure Sockets Layer) certificate.

An SSL certificate is a piece of code on your web server that creates an encrypted connection, which keeps any data submitted by your website users safe and secure. In fact, if you don’t have an SSL certificate, popular web browsers will alert people who visit your website that the website is not secure.

In this article, we’ll discuss how to acquire an SSL certificate, keeping everything as simple and as jargon-free as possible – promise!

1. Have the Correct Website Information

SSL certificates are issued by an entity known as a Certificate Authority (CA). The process of acquiring any website security certificate can be really easy, especially if you’re prepared in advance with the right information required by the CA. This information includes:

A Unique IP Address

Based on how SSL protocol works, each certificate you want to obtain will require a separate IP address. Otherwise, people using certain older devices and web browsers will not be able to use your website. You can use this tool to find out your website’s IP address.

An Accurate WHOIS Record

When you request an SSL certificate for a domain, the certificate authority will need to verify that you own the domain name. To do that, it will check the domain’s WHOIS record.

Domain Lookup tool by NameCheap
Domain Lookup tool by NameCheap

You can use a domain lookup tool to check your WHOIS record. If the information you find is obsolete, make sure to update it!

Business/Organization Validation

If you are requesting a high-assurance certificate, the certificate authority may check government databases to validate your business. In addition, the CA may also ask you to provide the government registration document associated with your business.

TOP TIP: Avoid mixed content (using both secure and non-secure content) because this could cause security or “mixed content” error warnings. Instead, make sure all elements, including images, load over HTTPS

2. Decide Which SSL Certificate You Need

There are many different types of SSL certificates, and they can be categorized based on:

  • Validation level: Domain Validation, Organization Validation, and Extended Validation
  • Secured Domains: Single Domain, Wildcard, and Multi-Domain

Let’s look at a brief overview of each type:

Domain Validation: This is the cheapest and lowest level of validation, which just makes sure that your company has control over the domain. It’s best suited for small businesses that generally don’t exchange any information with users.

Organization Validation: This is the medium level of validation. It checks not only domain ownership, but also details of the organization, such as name and location. This level is ideal for business websites with forms and lead-capturing features.

Extended Validation: This is the most expensive and thorough level of validation. As well as domain ownership and organization details, it verifies the company’s physical location and legal existence. It’s a good fit for websites that handle sensitive information, such as financial transactions.

Single Domain: Provides protection for a single subdomain. An SSL certificate purchased for johndoe.com, for instance, cannot be used for subdomains, such as blog.johndoe.com

Wildcard: Offers protection for unlimited subdomains of a single domain. For example, an SSL certificate purchased for johndoe.com can be applied to any subdomains, such as blog.johndoe.com or shop.johndoe.com.

Multi-Domain: Provides protection for up to 100 domains with a single SSL certificate. An SSL certificate purchased for johndoe.com, for example, can be applied to other domains, such as janedoe.com.

Which type of SSL is right for you will depend on several factors and your unique business position.

For example, a single page website for a local coffee shop that’s used to communicate simple information such as their location and opening times would likely only require Domain Validation. This is especially true if they aren’t collecting or using any visitor data or information.

On the other hand, an ecommerce website that requires visitors to input information such as personal addresses and credit card details, would need to demonstrate a higher level of security and trust with an Extended Validation. In contrast to the last example, an ecommerce store may collect customer data for use in marketing campaigns, making it better suited for Extended Validation.

Whether your website is best suited to a single, wildcard or multi-domain SSL will depend on its structure. For example, the single page cafe website wouldn’t need anything beyond a single domain. On the other hand, the ecommerce store is likely to have multiple product pages, category pages, and blog – making a wildcard or multi-domain SSL much more suitable.

It’s also important to consider cost. SSL certificate costs vary depending on the type you choose, so make sure you can afford the SSL certificate you want to install.

Top Tip: Picking the wrong SSL certificate for your website can cost considerable time and money, as well as potentially putting customers or visitors at risk. Take time to consider which certificate is best. If you are confused, seek help from a website professional.

3. Choose a Certificate Authority

A Certificate Authority (CA) is an entity that issues SSL certificates. There are dozens of CAs operating around the world, but only a few of them own the majority of the global SSL market share. These bigger players include GoDaddy and GlobalSign.

Pie chart showing CA market share
Pie chart showing CA market share

Image Source: About SSL

You want to pick a reputable CA that can provide the type of SSL certificate you need, while also aligning with your budget and business objectives.

4. Generate a Certificate Signing Request (CSR)

Acertificate signing request(CSR) is a file to be generated on your web server before you request an SSL certificate from a CA. The CA will then use the information in this file to issue your SSL certificate.

The process of generating a CSR depends on the web server and hosting that your website is using. We’d recommend contacting your web host to find out if they have instructions in their knowledge base about generating a CSR.

5. Submit the CSR to Your Certificate Authority

Now that you’ve generated a CSR, the next step is to head over to the website of the CA you picked, and purchase the type of SSL certificate you’ll need.

After completing the checkout process, the CA will ask you to submit the CSR file you generated in the previous step.

6. Await Validation by Your Certificate Authority

Depending on the type of SSL certificate you purchase, the CA can take anywhere between a couple hours and a few days to validate your details, and issue your site’s SSL certificate.

For example, obtaining a domain validation certificate typically takes a couple of minutes, while an extended validation can take a few days.

7. Install Your SSL Certificate

Once the CA has processed your SSL certificate request, it will send you an email allowing you to access your SSL certificate. Alternatively, you can download it from the user account you created when purchasing the certificate.

The process of installing an SSL certificate depends on the OS (operating system) of the web server on which your site is hosted. Contact your web host for more info about this, or check if it has provided any online instructions on how to install your SSL certificate.

TOP TIP: It is important to always use an SSL certificate for your entire website and not just for specific pages.

8. Test and Maintain Your SSL Certificate

Great, so you now have your SSL certificate installed. The hard work is done. But it isn’t over.

Best practice dictates that website owners should test their SSL certificate and create a schedule for maintenance. This will help provide you with peace of mind and ensure that your certificate doesn’t go wrong or run out without you knowing.

The first step is test your SSL. This can be done using SSL verification tools such as Digicert or SSL Shopper. These tools will provide you with essential information such as whether all the pages on your website are loading securely.

Next, you should create a schedule (and set a reminder) to regularly monitor your SSL certificate expiration and renewal dates. Typically an SSL will last 13 months, but you need to check the specific details of your certificate to ensure you do not miss the expiry.

It is best practice to renew your SSL certificate and update its installation on your website or server before it expires. This can save a lot of hassle and ensure there is no period where your site does not have an SSL.

TOP TIP: Testing your SSL is essential. Testing will help you spot and fix these errors before they become an issue. An easy way to check problems is via an online diagnostic tool like SSL Server Test.

Can I Get a Free SSL Certificate?

Yes, you can. Most of the top hosting providers, including Bluehost, HostGator, and InMotion, provide you with a free SSL certificate as part of your hosting package.

Case in point: Bluehost. When you sign up for a hosting account with Bluehost, you’ll find a Let’s Encrypt SSL automatically included in your package. To activate your SSL certificate, simply:

  1. Go to your Bluehost control panel
  2. Navigate to My Sites > Manage Site
Site option in Bluehost Control Panel
Site option in Bluehost Control Panel

3. Under the Security tab, toggle on the SSL certificate switch

Switching on SSL certificate in Bluehost Security tab
Switching on SSL certificate in Bluehost Security tab

That’s all it takes! Once you’ve turned on the SSL switch, it can take a few hours to activate, so don’t worry if it doesn’t happen instantly.

Find Out More

How to Get an SSL Certificate: Summary

As we discussed, obtaining an SSL certificate involves the following steps:

  1. Ensure you have the correct website information
  2. Decide the type of SSL certificate you need
  3. Choose a Certificate Authority (CA)
  4. Generate a Certificate Signing Request (CSR)
  5. Submit the CSR to a Certificate Authority (CA)
  6. Await validation by the CA
  7. Install your SSL certificate
  8. Test and maintain your SSL certificate

An SSL certificate goes a long way towards providing a great user experience, boosting SEO, and helping your business align with industry standards. So go ahead and put these steps into action – and good luck!

Written by:
I’m a content writer for Website Builder Expert. I’m a bit of a business and marketing nerd and love sharing my knowledge and experience to help others achieve their business goals. From complex engineering and brewing to international events and brand design agencies, I’ve worked in marketing roles for well over 10 years now. During this time I developed a skill for turning complex (and occasionally dull) information into exciting, easy-to-understand, and actionable content. I also set up my own content marketing consultancy and launched my own ecommerce business on Shopify.

8 comments

Your email address will not be published. Required fields are marked *