How to Add an SSL Certificate to a Website

How to Add an SSL Certificate to a Website

Ready to add an SSL certificate to your website? This guide walks you through the process step-by-step, covering everything from selecting the right SSL to installing and verifying it on your server.

Let’s get started and make the switch to HTTPS.


Table of Contents


Step 1: Choose the Right Type of SSL Certificate

Choosing the right SSL certificate for your website is the first step in securing your site. Here are some common types:

  • Domain Validation (DV): DV certificates are the simplest and quickest to obtain. They verify that the applicant owns the domain, but they don’t provide detailed information about the organization behind the site. This makes them ideal for small websites or personal blogs that need basic security.
  • Organization Validation (OV): OV certificates are a step up from DV certificates, requiring verification of the organization behind the domain. This is suitable for business websites as it provides an added layer of trust by displaying the company name in the certificate details.
  • Extended Validation (EV): EV certificates offer the highest level of verification and are generally used by large corporations, e-commerce sites, and financial institutions. They go through rigorous checks to validate the organization’s identity, making them one of the most secure options.
  • Single Domain: This type covers only one domain, making it an ideal option if you only have one website without subdomains.
  • Wildcard: Perfect for those who need to secure a primary domain and its subdomains, such as example.com and blog.example.com.
  • Multi-Domain: Also known as SAN or UCC certificates, this type is designed for those managing multiple domains under one SSL certificate, such as example.com, example.net, and example.org.

Tip: Consider your site structure and future expansion plans when choosing your SSL certificate. Wildcard and multi-domain options offer flexibility if you have multiple subdomains or websites to secure.


With the right SSL certificate chosen, the next step is to install and configure it. Follow these steps for a smooth SSL setup.

Step 2: Purchase or Obtain an SSL Certificate

To get started, you’ll need to acquire an SSL certificate. Here are two main options:

  1. Selecting a Trusted SSL Provider: Choose a reliable SSL provider that fits your needs, with factors such as compatibility, support, and validation levels to consider. Providers like Sectigo, DigiCert, and GeoTrust are common choices, but SSL Dragon offers a wide range of affordable, high-quality SSL certificates with customer support, easy installation guides, and competitive pricing.
  2. Free SSL Certificates: Let’s Encrypt provides a widely accepted, free SSL certificate. These certificates are valid for 90 days, and most hosting providers offer automated renewals.

Most hosting providers offer SSL certificates as add-ons or even include them for free. If your host offers SSL, simply activate it from the hosting control panel.


Step 3: Generate a Certificate Signing Request (CSR)

To issue an SSL certificate, most providers require a Certificate Signing Request (CSR). This file contains details about your website and is a security request from your server.

Depending on your SSL certificate, the Certificate Authority will process your request in just a few minutes or a couple of business days. Domain Validation certs are issued within 5 minutes, while Business Validation and Extended Validation certs in 1-3 days.

Generating a CSR through cPanel

  1. Log in to your hosting account’s cPanel.
  2. Navigate to Security > SSL/TLS.
  3. Select “Generate, view, or delete SSL certificate signing requests.
  4. Enter the required details (such as domain name, location, and email).
  5. Click Generate to receive your CSR, which will appear as a block of code.

Generating a CSR through a Web Hosting Dashboard

If you don’t use cPanel, many web hosting providers offer a straightforward CSR generation option in their dashboards. Look for SSL/TLS options within your hosting account’s security settings, and follow the prompts.

Command Line for VPS/Dedicated Servers

  1. For those with VPS or dedicated servers, the CSR can be generated via the command line:

    openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
  2. Follow the prompts to enter details like domain name, city, and country.

Save the CSR and private key generated in this process. You’ll need to submit the CSR to your SSL provider for validation.


Step 4: Install the SSL Certificate on Your Web Server

Once you receive the SSL certificate from your provider, it’s time to install it on your web server. Instructions may vary depending on the server you’re using.

Installing SSL via cPanel

  1. Go to SSL/TLS Manager in your cPanel dashboard.
  2. Under Install and Manage SSL for your site (HTTPS), click Manage SSL sites.
  3. Select the domain you’re installing the SSL certificate for and paste the certificate code from your provider.
  4. Click Install Certificate to complete the process.

Configuring SSL on Apache

  1. Place your SSL certificate and private key files in a secure directory on your server.
  2. Edit your Apache configuration file, typically located at /etc/httpd/conf/httpd.conf or /etc/apache2/sites-available/yourdomain.conf.
  3. Add the following lines:

    SSLEngine on
    SSLCertificateFile /path/to/yourdomain.crt
    SSLCertificateKeyFile /path/to/yourdomain.key
    SSLCertificateChainFile /path/to/your_CA_bundle.crt
  4. Save and exit, then restart Apache with sudo systemctl restart apache2 or sudo service httpd restart.

Setting up SSL on Nginx

  1. Place your SSL certificate and key in a secure folder.
  2. Edit your Nginx configuration file, often found at /etc/nginx/sites-available/yourdomain:

    server {
    listen 443 ssl;
    server_name yourdomain.com;
    ssl_certificate /path/to/yourdomain.crt;
    ssl_certificate_key /path/to/yourdomain.key;
    ssl_trusted_certificate /path/to/your_CA_bundle.crt;
    }
  3. Save and close the configuration file, then restart Nginx with sudo systemctl restart nginx.

Other Control Panels: Plesk, DirectAdmin, etc.

For other hosting environments like Plesk or DirectAdmin, follow the SSL installation instructions specific to that control panel. Each has an SSL/TLS section where you can upload and apply your SSL certificate.


Step 5: Update Your Website to HTTPS

With your SSL certificate installed, it’s time to ensure your website uses HTTPS securely.

Configuring HTTPS in WordPress

  • Change your WordPress settings by going to Settings > General and updating both the “WordPress Address (URL)” and “Site Address (URL)” to start with “https://.”
  • Consider using a plugin like Really Simple Security (formerly Really Simple SSL), which automates the transition to HTTPS and ensures all URLs are updated to HTTPS.

Redirecting HTTP to HTTPS

A 301 redirect will help route all HTTP traffic to the HTTPS version of your site, maintaining SEO value.

For Apache servers, add the following in your .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

For Nginx servers, add the following to your configuration:

server {
listen 80;
server_name yourdomain.com;
return 301 https://$server_name$request_uri;
}

Update internal links, media files, and scripts to HTTPS to prevent mixed content warnings and enhance security.


Step 6: Verify SSL Installation

After setting up HTTPS, it’s essential to verify the SSL certificate is correctly installed.

  • Check HTTPS functionality: Use an online SSL checker like SSL Labs to confirm your certificate is properly installed and configured.
  • Testing HTTPS in Browsers: Open your website in multiple browsers to verify the padlock icon appears and that no security warnings are present.
  • Resolve any SSL errors: Some common errors include browser warnings for mixed content or outdated SSL. Ensure all your site’s assets, like images, scripts, and CSS files, load over HTTPS to prevent these warnings.

Wrapping It All Up

If you’re ready to find the perfect SSL certificate, SSL Dragon offers a range of affordable and reliable options for all types of sites. From simple single-domain SSLs to advanced multi-domain certificates, SSL Dragon makes securing your site easy with step-by-step support and competitive pricing. Explore SSL certificates on SSL Dragon and get started today.

Save 10% on SSL Certificates when ordering from SSL Dragon today!

Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10

A detailed image of a dragon in flight
Written by

Experienced content writer specializing in SSL Certificates. Transforming intricate cybersecurity topics into clear, engaging content. Contribute to improving digital security through impactful narratives.