Monday, December 10, 2018
Tips

What you should know about the SSL Certificate for your website

A SSL certificate encrypts the information between your server and the user’s browser that visits your page. This “layer” of security for web pages prevents traffic between your server and the user’s browser from being intercepted, preventing data from being extracted from the user that should not be shared (such as card numbers, addresses, telephones, etc.) .

What are the benefits of having an SSL Certificate on your website?

Having the “green lock” and an “https” in the address bar of the user’s browser when you access your website has multiple benefits.

  • Since 2014, Google has taken into account these certificates to increase the positioning of a website in search engines. Search software gives priority to pages that are safe for users.
  • Since 2017, Google not only places web pages without SSL certificates in lower positions in search engines, but also points to http pages (which handle credit card data or passwords) as “Not secure”, and we do not want that the user mistrusts our website, right?
  • It offers greater security to customers: It is possible that your website does not handle credit card data, however, it is possible that to subscribe or register use forms in which users provide their data as the phone, email, address, etc. If this data is processed on your website as plain text and the user is using an open network in a public place, it is not very difficult to intercept this data.
  • The combination of all the above points helps you increase conversions or sales within your website. Therefore, as a strategy, it is good to mention to the users that their data will be protected.
  • It does not decrease the speed of your web page.

Types of SSL Certificates

SSL certificates can have different levels of protection.

Single domain SSL certificate

They protect a single domain, so if your page has subdomains it will not apply.

Multiple Domain SSL Certificates (SAN: Subject Alternative Names)

Its protection covers similar domains such as .com, .es, .net., Etc.

Organization SSL Certificates

They authenticate the identity and information of a company. Important if they are institutional pages, foundations, non-profit organizations, etc.

Extended SSL Certificates

These certificates have met multiple requirements and are those that add the green address bar to your browser. They are considered the safest.

Free SSL certificates

They are secure certificates for simple pages that do not process payments. Normally you should buy SSL certificates from any hosting provider, however there are already several tools that will allow you to have one for free and secure.

How to get a free SSL Certificate

If your website is simple and does not handle sensitive information such as credit card data or payment gateways, Let’s Encrypt is one of the most famous services and offers free certificates that can be integrated into your server. These certificates are renewed automatically and the information on their protocols is transparent and open. Many servers receive support directly from Let’s Encrypt and you can see the list here.

Another service you can use if your hosting is not connected to Let’s Encrypt is SSL For Free. The disadvantage is that you will need access to your FTP details and you may have to consult some things about your hosting.

Cloudfare is another popular option for obtaining free SSL certificates. It does not update automatically when the certificate ends, it must be updated manually.

Finally, FreeSSL will be public soon and offers free SSL certificates to non-profit organizations or startups. If you register, they will send you a notification when the service is on the air.

How long does it take to generate an SSL certificate?

Some are almost instantaneous and take at most 5 minutes. Other more advanced ones take up to 5 days to verify all the information and generate the certificate.

How to set up your free SSL certificate in WordPress

With a plugin

After installing your SSL certificate you can see the secure version of your website by entering it with “https:” without the “www”, that is, https://yourdomain.com. But just because you see that it is active does not mean that the procedure is ready.

To help you install the certificate you can use a plugin called Really Simple SSL, which should only be installed and will make all the necessary changes. Do not be scared if you log out of WordPress and you have to log in again, it simply means that the installation of your SSL certificate was carried out.

With cPanel

If your SSL certificate is not free

Open the control panel of your cPanel and look for “SSL / TLS Manager”.

Click on “Generate, view, upload or delete your private keys”.

Then click on “Generate a new password”. Enter your domain name, or select it from the menu. Select “2048” for “Key Size”. Click on “Generate”.

Go back to the SSL administrator. From the main menu, select the “Generate, view, or delete SSL certificate signature requests” link.

Enter the information of your project.

Click on the “Generate” button. Your CSR will be displayed. You can copy it and enter it in the certification request form. If the service requires the CSR to be a file, copy the text in a text editor and save it as a .CSR file.

Request your SSL certificate from the provider you have chosen. You will need to upload your CSR file to the certificate service when you buy yours. With the information in this file the certificate for your server will be generated. Some providers will ask you to copy the contents of the CSR file, others will ask you to upload the file.

Download your certificates. You will need to download the intermediate certificates from the service to which you purchased the certificates. You will receive your primary certificate by email or through the customer service area of the website.

Open the “SSL Administrator” menu of cPanel again. Click on the “Generate, view, upload or delete SSL certificates” link. Click on the “Upload” button to find the certificate you received from the provider. If the certificate is in text format, paste it in the browser box.

Click on the “Install SSL Certificate” link. This will complete the installation of the SSL certificate. The server will reboot, and your certificate will begin to be distributed.

If you have a free SSL certificate

In your cPanel you will see “SSL Manager”. Click Upload and look for the SSL certificate that you downloaded. Click Install SSL Certificate. Use several browsers to verify that it is working well at all.

Ready to make your web more secure? Tell us which SSL Certificate provider you use!

Jefferson Maldonado
the authorJefferson Maldonado
UX WordPress Designer
Ux & Web Designer. Portafolio: http://maldonadoz.com/portafolio/ Divi Blogger, WordPress Expert, UX Designer, Business Consultant.

Leave a Reply