Blog

The Official Bluehosting.com® Blog

Installing an SSL certificate in 3 steps

SSL Certificate

A big part of expanding your business is in increasing your website’s popularity, and a big part of doing this is ensuring that your customers feel safe when they use your website. The importance of having a safe and secure website cannot be stressed enough. In fact, even in a perfect world, without the numerous threat agents all over the internet, customers would still want to know that their information is safe, just in case things go awry. A safe website saves you a lot of trouble, time, and money in the long run. Your best bet to ensure the safety of your website is to install an SSL certificate. Here’s how to secure your website using SSL, including the possible errors you might run into upon doing so.

What is SSL?

An SSL (Secure Socket Layer) Certificate is the technology that provides security to your website by encrypting the traffic transferred between your host server and your clients’ computers. This is a pretty simple definition, considering the magnitude of the difference having it will make for your business. The truth is, the SSL Certificate only carries out this part of its function after it authenticates your website. Upon purchasing the certificate, you will be given a set of files containing everything needed for the Certificate Authority to communicate with your server.

Steps to take when implementing SSL

Before you implement an SSL Certificate it is best to understand that the importance here is safety. In part, this means that information transmitted between your server and the client must pass through as small a number of channels as possible, one being the ideal. That being said, it is best to have your own dedicated server to host your website, as opposed to having a shared server. Once this is done, you are ready to secure your website using the following steps:

Step 1: Purchase an SSL Certificate

The SSL Certificate works like an identification and authentication system for your website. Upon making initial communications with the Certification Authority you wish to use to get your certificate, your website is scrutinized to ensure that you are who you say you are. After your website is authenticated, the certificate begins to do its job – protecting your customers’ data. It is important to mention that there are different certificates and that the certificates provide different protection. Ensure you know exactly what you absolutely need to protect and cross-reference that with what each certificate offers, so you know which one you should purchase.

Step 2: Activation and Installation

Other SSL Guides might list the installation and activation process in different steps; however, these processes are pretty simple, and, depending on where you purchase the certificate, don’t even need to be done manually. The main part that you should know is that the activation process comes first and is completed by generating a Certificate Signing Request (CSR), which is basically your website’s virtual identification card. Installing the certificate can then be carried out using cPanel.

Step 3: Verify your Website’s HTTPS status

SSL Certificate Verification

After you’ve installed your certificate, the next time you load your website, it should result in “HTTPS” being displayed before your website’s domain name. Once you see this, you are done! Your website is can now make secured connections from server to browser. HTTPS is the protocol that identifies your website as safe to the browser client that is being used to view your site. Your website’s address may be displayed in green or may have a symbol of some sort, such as a lock (depending on the certificate), also indicating that the website is safe.

Don’t be fooled. There is no way to make your website 100% safe, but steps can be taken to make things more difficult for threat agents. SSL Certificates only encrypt data that is transferred between your website and the client while it is in transit. Once the data gets to your server, it is decrypted and stored on the server. Measures should, therefore, be taken to protect your server. Installing a strong antivirus software and investing in a premium website backup are just a few ways that you can go a step further to secure your website and privacy.

Common SSL Errors and Warnings

When you first install your SSL Certificate, you may run into a few errors on your website. Here are a few common errors you might face and how to fix them.

Private Key Missing

The private key is used to encrypt and then decrypt the data that is being transmitted to and from your site. Without it, communication between the two parties would be difficult. The private key should be generated along with the Certificate Signing Request on the same server that Certificate is being installed on. Otherwise, a new CSR would have to be generated.

Certificate not trusted in browser

This error occurs when the intermediate certificate has not been installed. To correct this error, you must identify which intermediate certificate is compatible with your certificate and install it.

Duplicate private key

One of the reasons SSL Certificates are so secure is uniqueness. A CSR and private key can only be used once. If you have more than one website and you wish to secure all of them, you would need to purchase a certificate for each one and generate a different CSR and private key for each.

Items from an unsecure source

Naturally, you may want to include data on your website from external sources. When doing this, it is important to ensure that data such as code snippets and videos come from trusted sources as well. Otherwise, your website will lose its HTTPS status.

The common name you entered does not match the base option

You come across this error when you declare a Wildcard Certificate but have not included the asterisk (*) in the common name on your CSR, or if you have done the latter, but not the former. A Wildcard SSL Certificate allows you to apply one certificate to your domain and all subdomains. So, if your domain is “www.yoursite.com”, then to secure that domain and all subdomains, you would need to set your common name in the CSR as “*.yoursite.com”.

Conclusion

Now that you know how to implement an SSL Certificate on your website and how to correct any errors you may run into upon installment, you are well on your way to properly securing your website. A safe website is a good investment. Just, remember that a safe website does not necessarily mean that all of your data is safe. Measures need to be taken to protect your server as well. At the end of the day, once your website is safe, your business will grow. Be safe out there.