How to Install an SSL Certificate

With an SSL certificate, your website can uses the HTTPS protocol to securely transfer information from point A to B. This is crucial when transferring sensitive information, like credit card data on checkout pages, and personally identifiable information (PII) on login and contact forms.

In addition to security benefits, websites using SSL get better rankings on Google and improved performance through the use of HTTP/2. It’s also important to understand that SSL does not protect your website. This guide is designed to show beginners and intermediate users how to deploy a free SSL certificate from Let’s Encrypt on their self-hosted websites.

Protect your Site
Step 1
Gather Requirements

It is now easier than ever to use HTTPS on your website. Beginners should start by having a conversation with their hosting company about the options they offer.

There are a few easy ways to add SSL to your website:

  1. Some hosts offer free SSL, including one-click SSL options (i.e. SiteGround, WPEngine).
  2. Many hosts offer paid SSL and will implement the certificates for you (i.e. GoDaddy).
  3. Intermediate users can generate their own free SSL certificate (i.e. Certbot / Let’s Encrypt).

Regardless of the type of certificate you choose, the encryption and level of security is the same.

http vs https infographic insecure encrypted connection

Get Help

Want to have an SSL certificate and website security? We’ve got you covered.

Help Me

1.1 – Types of SSL Certificates

Some visitors recognize the additional authenticity and trust offered extended validation (EV) and organization validated (OV) certificates due to their rigorous validation process.

There are three types of certificates to be familiar with:

  • Domain Validated (DV)

    DV certificates only need the certificate authority to verify that the user requesting the certificate owns and administers the domain. Visitors will see a lock icon in their address bar, but no specific information about the owner.

  • Organization Validated (OV)

    OV certificates require a certificate authority to confirm the business making the request is registered and legitimate. When visitors click the green lock icon in their browser, the business name is listed.

  • Extended Validation (EV)

    EV certificates require even more documentation for the certificate authority to validate the organization. Visitors will see the name of the business inside the address bar (in addition to clicking the lock icon); however, most updated browsers no longer display the EV visual indicator.

1.2 – Commercial vs. Free SSL Certificates

It’s important to understand the difference between commercial and free certificates.

  • Commercial (paid) SSL certificates

    These are a decent option for many website owners. Paying a certificate authority (or your hosting company) will often give you the benefits of technical support. The encryption level is the same as with free SSL certificates. The key differentiator will come in the level of support you get with your certificate.

  • Free SSL certificates

    These are being spearheaded by the Let’s Encrypt initiative – an open collaboration between a number of global organizations focused on making SSL certificates accessible to all website owners.

Note

Many hosts offer specific instructions on how to deploy free SSL certificates. Check with your host’s support channels and articles for more information before following this guide.

1.3 – SSL in the Cloud

You can also get the benefits of SSL certificates through cloud providers, such as content delivery networks (CDNs) and website application firewalls (WAFs) solutions like the one from Sucuri, who offer it at no additional charge.

These services are a proxy between the visitor and your website. By changing your domain records to point to their servers, they can cache your content to make your website faster and filter out malicious traffic. This also means that the browser recognizes which server IPs are connected to your domain, allowing for the use of DV certificates.

These providers can also work with your own SSL certificate. If you are a Sucuri customer, you can contact our technical support team for information and assistance.

Note

If you are implementing an SSL certificate through your host, you may want to skip ahead to Step 3: Important Final Steps.

1.4 – Getting a Free SSL Certificate

The following guide works best if you have a dedicated IP for your site (through a VPS or dedicated server). If you’re on a shared platform, talk to your host about deploying Let’s Encrypt; a number of hosts have automated the process of deploying a free SSL for shared hosting accounts. It is possible to use server name indication (SNI) with one server IP address and generate certificates for all sites on the server.

The rest of this guide will assume you have full access and control of your web server.

You will need the following information about your server:

  • IP address
  • Server username (with admin or sudo privileges)
  • User password (or preferably SSH key authentication)
  • Software (i.e. Apache, nginx, IIS)
  • Operating system and version number (i.e. Debian 7, Ubuntu 16.04, etc.)

SSH Access Through cPanel

ssh access through cpanel screenshot example

You can contact your host to obtain any missing information.

Back to Top