SSL certificates have become a hot commodity in today’s Internet. Every website, regardless of type and size, needs one to comply with the latest web security and SEO guidelines.
Whether it’s a basic site or a complex platform, when it comes to sensitive data encryption, all are equal before the leading browsers. If you don’t secure your website, the likes of Chrome and Firefox will display the Not Secure warning to your visitors. You have no choice but to add an SSL certificate to your site. However, finding the perfect cert for your project and installing it on your server is not always a breeze, especially if you’re not tech-savvy.
With so many SSL options available, getting the right solution may be a bit overwhelming, and the challenge doesn’t stop here. While the buying process is pretty straightforward, the SSL installation is tricky. Each server has specific ground rules on how to configure an SSL certificate.
We’re here to smoothen the whole process, from the moment you start searching for an SSL certificate, to the installation and post-configuration. In this article, we provide the roadmap to securing your website.
Pick the ideal certificate for your site and budget
Your website determines the type of SSL cert you need. It’s simple as that. A complex site such as an e-commerce platform requires a more expensive and flexible certificate than a small blog or informational portal. To ease the SSL search, we’ve matched different types of SSL certs with best-suited websites.
- Domain Validation certificates – perfect for basic sites, blogs, online portfolios, and small businesses
- Business Validation certificates – ideal for organizations, e-commerce platforms, startups, and NGOs.
- Extended Validation certificates – suitable for financial institutions, large enterprises, and companies seeking the highest level of customer trust
- Wildcard SSL certificates – necessary to secure subdomains along with the main domain
- Multi-Domain SSL certificates – convenient to encrypt multiple sites under a single SSL installation.
We have special tools to help you choose the best certificate for your site and budget. Our SSL Wizard recommends the right SSL option based on a couple of answers, while the Certificate Filter allows you to sort certificate by prices, validation, and brand, and compare their specs.
Order your SSL certificate and wait for the files to arrive
Once you’ve decided on your SSL certificate, you need to request it from the Certificate Authority. Your SSL vendor should walk you through the entire process, and it all starts with the CSR (Certificate Signing Request) generation. The CSR code is an encrypted block of text with your contact data you must send to the CA, to be included in your SSL certificate. Along with the CSR, you also create your private key.
At SSL Dragon, we offer a free CSR generator tool that will automatically generate your CSR code and private key. You will also receive the CSR and private key via email for backup. All you have to do is submit information about your site and company. Alternatively, you can generate the CSR on the server where you intend to install the SSL certificate.
Depending on your SSL certificate, the CA will process your request in just a few minutes or a couple of business days.
Install the SSL certificate on your Server
After the SSL installation files arrive in your inbox, the first thing you have to do is download the ZIP archive and extract its contents on your local device. Before you begin the installation ensure you have the following files ready:
- Primary SSL certificate issued for the domain name you want to secure;
- The intermediate certificates delivered separately or in a CA Bundle file;
- The private key generated along with the CSR.
Now, you need to upload all these files on your server, and here’s where things get intricate. Since there isn’t a universal SSL installation method, the guidelines may vastly differ from server to server. If you’re not an experienced user, you may find it difficult to navigate through the web interface and import the SSL certificates in the correct order.
A missing intermediate certificate, for instance, may result in SSL connection errors. That’s why it’s better to let a professional configure your SSL certificate. However, if you feel confident doing the job yourself, we’ve written more than 50 SSL installation tutorials covering all the major servers and email clients.
Test your SSL certificate and complete the HTTPS transition
First thing you should do after a successful SSL installation is to scan your SSL cert for potential error and vulnerabilities. Doing it early will save you a lot of trouble. We’ve compiled a list of SSL scanning tools to help you diagnose any issue with your certificate.
Finally, to avoid SEO penalties and keep traffic flowing, force the HTTPS connection across your entire site, and eliminate any mixed HTTP and HTTPS content. This 10-point SEO checklist for successful HTTPS migration will help you add the last configuring touches so that your secure website works flawlessly.
Wrapping it all up
Securing your site with an SSL certificate takes more than a few clicks here and there, and, although the SSL installation steps differ from server to server, our roadmap to HTTPS will ensure a hassle-free transition. Keep in mind, if you struggle with the installation, you always have the option to ask a developer and or a system admin to configure the SSL certificate for you.
