How to get an SSL certificate
July 7, 2015 9:51 am
You may be familiar with the term SSL certificate, which provides your website with an extra level of security and trust. SSL stands for Secure Sockets Layer, and SSL certificates are very important for secure and private communications on the web, and are 100% necessary if you host any private data or carry out ecommerce or other sensitive transactions. This article will review what you need to know about SSL certificates, what they do, and how to get one for your website.
What is an SSL Certificate
A secure sockets layer certificate is a digital certificate which confirms that your identity and website have been verified by a Certificate Authority (CA). Just as you might hang a paper certificate on the wall behind your desk, your website displays its certificate in the address bar of the web browser. But before we go into more detail on SSL certs, we’ll explain why you need one, and the difference between HTTP and HTTPS, and the nature of secure internet communications!
Why Do You Need an SSL Certificate
The simple answer is that without an SSL certificate on your website, private and secure web browsing is not possible. This means that it makes it easier for hackers and phishers to hack your computer and steal your personal data. And it’s not just hackers stealing your data that you need to worry about: since the Snowden leaks, we know that government agencies are snooping on most of our activities online.
Acquiring an SSL cert adds privacy, security and trust to a website and your visits to it. Securing your website with an HTTPS and an SSL cert is makes it harder for hackers to gain access to your sensitive data, and they are likely to just move along and pick an easier unsecured online target website to hack into! By making it harder for criminals to access your data, you discourage any crime from occurring in the first place, and your visitors can feel safe visiting your website.
The Difference Between HTTP and HTTPS
The default protocol of the web is HTTP (Hyper Text Transfer Protocol). This is unencrypted, which means that were anybody so interested, they could easily tap into the connection between your browser and the websites you visit, and see everything that is sent back and forth between browser and website. So, the hacker would be able to see all the pages you request, any data you submit in a form including passwords would be unsafe, facebook posts etc. would all be viewable, and if you use webmail such as GMail, then they could see all your emails too. And not to mention that all your online banking details would be visible too. Clearly this is not ideal.
Enter HTTPS. The S at the end stands for SSL, or with Secure Sockets Layer. The idea is that for privacy on the web to be possible, then HTTPS will encrypt the connection between browser and website. For this to be possible, the browser must be able trust that the website is the actual website that it claims to be, and not a fake or phishing website masquerading as a different website. This is where the SSL certificate comes in.
To get your website set up for HTTPS, you must install an SSL certificate on your webserver.
And to get an SSL certificate you must apply to a recognized Certificate Authority, who will verify that you are who you say you are, and that your website is associated with you. Depending on the level of security, you might need to submit official documents to the Certificate Authority, such as company registration number and official government issued identity card.
Once you have your certificate installed, then the browser knows to check whether the certificate is valid or not, and will display a warning if it is not.
Another way to tell when a website is secured by a Secure Sockets Layer certificate is to look in the browser search bar to see if there is a green icon displayed at the far left side. If the icon is not green, then you should be careful about submitting personal data to the website.
Different types of browsers (for example, Google Chrome, Internet Explorer and Mozilla Firefox) may display this green icon differently. In some cases, the “https” will be in green. In other cases, the company name will appear in green before the URL text. This green color says to the web visitor, “This site is SECURE – it is safe to browse and buy here.”
SSL Certificate details
SSL certificates will contain the following data:
- Your full name. This is because you are the certificate holder of record.
- The serial number and expiration date of the certificate.
- A copy of your public key. The “public key” is one of two keys required for the encryption and decryption of data to take place. There is a public and a private key, and both are required for the certificate to do its security work.
- The issuing authority’s (Certificate Authority’s) digital signature.
How to Get an SSL Certificate
Let’s have a look at how to get an SSL certificate for your website. Note that this procedure can vary depending on your hosting provider, and whether or not they are also a Certificate Authority.
- First, you need to set up your site hosting—you probably have this bit done already
- Make sure your domain WHOIS record has up to date information about the domain owner (you). WHOIS is the central record repository online that links websites with their owners, and is used to verify that you own your domain
- Purchase an SSL certificate from a recognized Certificate Authority, such as Verisign, Thawte, DigiCert, GoDaddy, Comodo.
- Generate a Certificate Signing Request (CSR) on your webserver. Most hosting providers have a tool they offer to users to generate and submit a CSR. The CSR will contain information such as the domain name, company name, country, email and so on. Once generated, your CSR will be available to you as a text file you can download and save.
- Next, the CA needs to associate your CSR with your certificate. So you should submit your CSR to the website of the CA where you bought your certificate. There should a form for you to upload or copy and paste the contents of the CSR.
- After submitting your CSR, you need to verify your request and then validate it. What you need to do is present proof that yes, you did make this request and yes, you are you. Typically, this entails generating and then responding to a validation email (the kind that arrives with a link you need to click), or place a small file called a “verification file” on your website itself that the CSR can then visit and use to verify you and validate your request.
- Finally, you are ready for the install SSL certificate process. This involves downloading a file that contains your new certificate and then uploading it to your website, unpacking and installing it.
How to Install SSL Certificate
Here again, the exact method you will use to install the SSL certificate can vary depending on your server hosting provider, but this will give you the general idea of how it is done.
- First you need to access the file you downloaded that contains your new certificate.
- Next, you need to indicate the type of software your hosting provider is using.
- Now you need to add the certificate (which is basically a section of digital code) into the configuration software itself.
- Test that the task has been completed successfully by replacing the “HTTP” at the front of your website address with “HTTPS” and clicking on “Enter.” If your website opens as usual, but now displays a bit of green text or a green icon, you have done it correctly – congratulations!
Once you have added the code and saved it, you are finished!
Main image: Rina Pitucci