Installing SSL is a technical process but most of the popular web hosting control panels make it extremely easy for anyone to install an SSL certificate. Here is everything you need to know about installing an SSL certificate.
You should know that there are three different types of SSL certificates. The basics are the same for all kinds of SSL certificates as all these three types encrypt the information. The difference between these three is the amount of information that is required by the SSL provider for validating the owner.
These three types of SSL certificates are domain validation certificates (DV), organization validation certificates (OV), and extended validation certificates (EV). For domain validation certificates, the SSL provider only checks whether the owner has the authority to use a specific domain name.
The organization validation certificate requires a bit more paperwork as the SSL provider conducts some vetting of the organization. The extended validation certificate is given after a comprehensive vetting of the organization. It’s also important to mention here that the SSL certificate is issued for the main domain but if you want an SSL certificate for all the subdomains as well, there is a wildcard version that includes unlimited subdomains. The SSL certificates are issued on an annual basis and have to be renewed each year. It works similarly to domain renewal.
As far as the cost is concerned, certain organizations provide the domain validation certificate for free. You can also get a DV SSL certificate from your domain registrar at an extremely low price. However, for an organization validation certificate and an extended validation certificate, you will have to pay a far higher price. In most cases, the domain validation SSL certificate should suffice in case you are not doing any banking transactions or collecting credit card information on your website.
To install an SSL certificate, you will first need to generate a certificate signing request (CSR) from your web hosting control panel. The CSR contains the domain as well as your company information. You will need to buy an SSL certificate from an SSL provider. As mentioned above, there are several providers of SSL certificates, and you are free to choose anyone.
The next step is to upload the CSR file to the SSL provider admin panel to generate certificates for your server. You will also need to provide an email for creating the certificate as your primary certificate will be sent to this email address. This SSL certificate then needs to be uploaded to your web server. After uploading the certificate, you will need to install it. Once the installation is done, the server will restart. Most hosts provide simpler methods to secure a website in their administrator dashboards. It’s impossible to cover every different host here but a few a very common.
If your host has integrated Let’s Encrypt you can secure your website very easily. It comes down to a few clicks. So please check your hosting dashboard and see if there is a button for Let’s encrypt. After you go through the short process, you are all set. If you face any problems with any of these steps, your web host should be able to help you.
Once the certificate is installed, it’s time to test all the pages on your website with the HTTPS version. If everything works as it should, you should be able to access your website with HTTPS. However, you are not done yet.
Your website now has two different versions, one with HTTP and the other with HTTPS. You need to redirect all the HTTP URLs on your website to the new address beginning with HTTPS. There are several code snippets available online that can be used for this purpose. It is recommended to use the mod rewrite function to redirect all the pages to the new HTTPS URLs. The mod rewrite will help you make these changes at the server level, and you won’t have to make redirects on every single page.
Setting Up WordPress
You will also need to re-validate the domain in Google Search Console. You can easily do this by adding the HTTPS versions as properties. You want to end up with 4 versions of your website: with and without www, with and without HTTPS.
Test Your Website
After you have everything set up, open your site in an incognito browser window and see if you get the green lock. [insert image of lock]. Browse the most important pages and see if they are displayed as secure. If everything is right, congratulations you are done. However, most often I find that I get mixed content warningThis doesn’t mean you did anything wrong. It’s commonly caused by image links that still point to the HTTP version or external content from non-SSL sources.