How to Add an SSL Certificate to a Website

Every website, from regular blogs to e-commerce platforms, needs an SSL certificate to remain accessible via most browsers and feature in search engine results. Without SSL, the connection between users’ browsers and website servers is in plain text and vulnerable to cyber-attacks. But how do you add an SSL certificate to a website and configure it to meet the security and SEO requirements?

In this article, we’ll walk you through the entire process, starting with the SSL selection and going step-by-step through Certificate Signing Request generation, the installation, and the post-configuration adjustments.

---

Table of Contents

1. Pick the Ideal Certificate for Your Site and Budget
2. Order Your SSL Certificate and Wait for the Files to Arrive
3. Install the SSL Certificate on Your Server
4. Test Your SSL Certificate and Complete the HTTPS Transition

---

Step 1. Pick the Ideal Certificate for Your Site and Budget

Your website determines the type of SSL cert you need. It’s simple as that. A complex site such as an e-commerce platform requires a more expensive and flexible certificate than a small blog or informational portal. To ease the SSL search, we’ve matched different types of SSL certs with best-suited websites.

• Domain Validation certificates – perfect for basic sites, blogs, online portfolios, and small businesses
• Business Validation certificates – ideal for organizations, e-commerce platforms, startups, and NGOs.
• Extended Validation certificates – suitable for financial institutions, large enterprises, and companies seeking the highest level of customer trust
• Wildcard SSL certificates – necessary to secure subdomains along with the main domain
• Multi-Domain SSL certificates – convenient to encrypt multiple sites under a single SSL installation.

We have special tools to help you choose the best certificate for your site and budget. Our SSL Wizard recommends the right SSL option based on a couple of answers, while the Certificate Filter allows you to sort certificates by prices, validation, and brand, and compare their specs.

---

Step 2. Order Your SSL Certificate and Wait for the Files to Arrive

Before you can add SSL to a website, first, you must choose a trusted Certificate Authority and apply for your cert by submitting the CSR (Certificate Signing Request) during the order process.

1. Choose a Reliable Certificate Authority

The Certificate Authority (CA) is a third-party entity that signs and issues SSL certificates. To comply with Web security requirements, CAs must check domain ownership and business legitimacy when required of every SSL applicant. With so many CAs operating in the industry, the best way to request your SSL certificate is from a certified SSL reseller.

Such a vendor is a partner of the leading CAs and offers SSL products at highly discounted prices. You can browse different SSL brands and pick the most suitable for your budget and project. Here are some of the most popular and trustworthy CAs:

Sectigo (formerly Comodo) – the most affordable CA on the market with a wide range of certificates, including the cheapest Positive SSL line.

DigiCert – the leader in the high-assurance SSL market, offering premium solutions for organizations and enterprises.

Thawte – a renowned name and one of the oldest CAs still around providing premium SSL certs at affordable prices.

GeoTrust – is an excellent option for international websites and a solid addition to any business platform.

RapidSSL – quick and convenient validation, ideal for entry-level websites and small businesses. 

GoGetSSL – a brand that offers the full spectrum of SSL certificates from basic domain validation to multi-domain wildcard certs for the most complex websites.

Once you’ve decided on your SSL certificate and Certificate Authority you need to generate the CSR.

---

2. Generate the CSR

The CSR code is an encrypted block of text with your contact data you must send to the CA, to be included in your SSL certificate. Along with the CSR, you also create your private key.

Choose Between Automatic and Manual CSR Generation

At SSL Dragon, we offer a free CSR generator tool that will automatically generate your CSR code and private key during the certificate request. You will also receive the CSR and private key via email for backup. All you have to do is submit information about your site and company. Alternatively, you can generate the CSR on the server where you intend to install the SSL certificate.

Submit the CSR to the CA for Validation

After you’ve generated the CSR, you need to copy and paste its contents, including the BEGIN CERTIFICATE and END CERTIFICATE tags, into the relevant box on your order’s page. You can open your CSR file with any text editor, including the free Notepad.

---

3. Wait for the CA to Sign and Send Back the Certificate

Depending on your SSL certificate, the CA will process your request in just a few minutes or a couple of business days. Domain Validation certs are issued within 5 minutes, while Business Validation and Extended Validation certs in 1-3 days.

---

Step 3. Install the SSL Certificate on Your Server

SSL installation comes down to uploading the certificate files on your server or platform. However, there isn’t a universal way to do it, as each system has its in-house rules regarding the SSL configuration. Moreover, some clients allow you to do it via the web console, while others only through the SSH (secure shell) terminal. Below we’ll show you how to install an SSL certificate in general. Please note that instructions will vary from system to system.

1. Download and Extract the SSL Installation Files

After the SSL installation files arrive in your inbox, the first thing you have to do is download the ZIP archive and extract its contents on your local device. Before you begin the installation ensure you have the following files ready:

• Primary SSL certificate issued for the domain name you want to secure;
• The intermediate certificates delivered separately or in a CA Bundle file;
• The private key generated along with the CSR.

---

2. Upload the SSL Certificates to Your Server

Now, you need to upload all these files on your server. If you’re not an experienced user, you may find it difficult to navigate through the web interface and import the SSL certificates in the correct order.

A missing intermediate certificate, for instance, may result in SSL connection errors. That’s why it’s better to let a professional configure your SSL certificate. However, if you feel confident doing the job yourself, we’ve written over 80 SSL installation tutorials covering all the major servers, network appliances, and email clients.

---

Step 4. Test Your SSL Certificate and Complete the HTTPS Transition

Many users erroneously think SSL installation alone is enough for proper configuration, but that’s wrong. After you upload the SSL files to your server, the following steps are crucial and will ensure the flawless functioning of your certificate.

1. Scan Your SSL Certificate for Potential Errors

First thing you should do after a successful SSL installation is to scan your SSL cert for potential errors and vulnerabilities. Doing it early will save you a lot of trouble. We’ve compiled a list of SSL scanning tools to help you diagnose any issue with your certificate.

Some of the most common SSL issues are due to faulty SSL installation. If you don’t upload the certificates in the correct order or an intermediate certificate is missing, browsers won’t trust your website and will warn visitors about security dangers. 

Sometimes the problem is with the server when it supports obsolete cipher suites and deprecated protocols. Thankfully, there’s a solution for every SSL problem, and you can fix the SSL errors by following our tutorials.

---

2. Force HTTPS Across Your Entire Website

You must force HTTPS, as it significantly enhances the security and privacy of online activities and makes the site visible to every user. If you don’t redirect your site from HTTP to HTTPS, some visitors will end up on the unsecured version of your website, which won’t reflect well on your professionalism and security measures.

By forcing HTTPS, you ensure that user details, including login credentials and personal information, are encrypted and protected from potential attackers. At the same time, your site remains accessible from any browser and maintains its high SEO score.

Redirecting HTTP to HTTPS is straightforward for most web servers and content management systems. Here are the instructions for Apache, NGINX, and WordPress:

Apache

1. Open the Apache configuration file using a text editor.
2. Find the VirtualHost section for the website you want to redirect to HTTPS.
3. Add the following code to the VirtualHost section:
   
   RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

4. Save the configuration file and restart Apache.

NGINX

1. Open the NGINX configuration file using a text editor.
2. Find the server section for the website you want to redirect to HTTPS.
3. Add the following code to the server section:
   
   server {
listen 80;
server_name example.com;
return 301 https://yourdomain.com$request_uri;
}

4. Save the configuration file and restart NGINX.

WordPress

1. Log in to the WordPress admin panel.
2. Go to Settings > General.
3. Change the WordPress Address (URL) and Site Address (URL) to use HTTPS instead of HTTP.
4. Save the changes.

---

3. Search Engine Optimization

HTTPS is now a requirement for every website and an essential SEO element. It provides a more secure and private browsing experience. As a result, Google and other search engines prioritize HTTPS websites in their search results.

After migrating a website to HTTPS, you should optimize the site for SEO to ensure good rankings, avoid SEO penalties, and keep traffic flowing to the new HTTPS version of your website. Here are the adjustments you should do:

1. Update all internal links to use HTTPS URLs.
2. Update all external links to point to the new HTTPS URLs.
3. Update any hard-coded HTTP links in scripts, stylesheets, and other code.
4. Update the sitemap to include HTTPS URLs and submit it to Google Search Console.
5. Update the canonical tag to reflect the new HTTPS URL.
6. Update any social media profiles and directories to point to the new HTTPS website.
7. Update Google Analytics Admin Settings. Select the HTTPS version and save the changes.

Once you complete all these steps, continue monitoring your website for potential errors. A successful HTTPS migration is not only about implementing changes but also keeping a permanent eye on how they work on your website.

---

Wrapping It All Up

Securing your site or adding a new SSL certificate takes more than a few clicks. And, although the SSL installation steps differ from server to server, our roadmap on how to add an SSL certificate to a website will ensure a hassle-free configuration. Keep in mind, if you struggle with the installation, you always have the option to ask a developer and or a system admin to configure the SSL certificate for you.