SSL certificate being a necessity for today’s age has too compelled Google and other browser authority to think over HTTPS Everywhere for websites. Either it is a regular website, blogging, eCommerce website or any financial website, SSL is now must to secure ongoing information over the web.
People across the globe are considering the importance of SSL certificate for their customer and website security. However, the thriving trend of online shopping has invited many unwanted malicious actors to grab web information from the company without their awareness.
As a result, phishing attack, virus attack, malware infection may cause to your website if the site does lack security implementation. Especially, an eCommerce website that carries a huge amount of transactions per day and stores their customers’ credentials and financial details should have SSL certificate. Consumers are switching from traditional channel to the internet for shopping. So, what is the easy and affordable way to keep your customers’ details safe over the web? The answer is SSL Certificate.
- What is SSL certificate?
- Types of SSL certificates:
- How do you know that the website has SSL?
- How can you secure your website with SSL?
- Install SSL certificate:
What is SSL certificate?
SSL certificate (Secure Socket Layer) is a bridge between the server and the user that encodes the data traveling between these two ends and ensures website owner and end users that the information is safe from prying eyes. The strength of SSL certificate depends upon the private key length (2048-bit at present) and the encryption strength (256-bit at present). By encoding the message sent from the user end, the message becomes unreadable to the malicious vector. SSL certificate issued by the certificate authority should have abided to CA/Browser forum guideline as well NIST guideline so the interest of customers remains intact and customers can get the authenticity and integrity with SSL certificate.
Types of SSL certificates:
Different types of SSL certificates are matched with business requirement and serves different purposes like from single domain to multi-domain security like domain validation certificate, UCC/SAN SSL certificate, wildcard certificate etc. Certificate authorities like Comodo, Symantec, RapidSSL, Thawte, GeoTrust, and GlobalSign work on several validations like domain validation, organization validation, and extended validation that makes certificate more reliable. There also exists self-signed certificate but browsers do not accept such certificate and throw warnings.
How do you know that the website has SSL?
A person can easily know that the website is secured with SSL or not. Non-EV SSL bestows HTTPS instead of HTTP in address bar along with a green padlock. If the website has opted extended validation the browser will have an add-on like a green bar that shows company name with country code. Therefore, customers can be assured that they are visiting safe website.
How can you secure your website with SSL?
If you have decided to get SSL certificate, then you should have few things ready with you to cope SSL certificate like hosting, IP address, domain name etc. To get SSL, it involves different process from selection of SSL to installation of SSL certificate.
Search for Domain:
After deciding hosting plan, the domain name also plays an important role. The domain name should reflect your business type and functionality. There are many TLDs available like .guru, .in, .com, .co.in, .me, etc. You can guess domain name and search for domain registrar who can offer desired domain name at an affordable price. Many hosting providers also provide domain service and hosting service too.
Search for Hosting:
You can find many hosting options (shared hosting, VPS hosting, dedicated hosting, cloud based hosting) in the market at affordable hosting. SSL issues on a fully qualified domain name but not on an IP address, Intranet or .local domains. When you take service of hosting they will provide shared IP on which many customers use the same location. You can take dedicated IP also that ensure the traffic goes to that particular IP address and only to your website. Many servers by default support SNI (Server Name Indication) that eliminates different IP requirement for individual SSL certificate (in the case of multiple SSLs). You can install the same SSL on multiple servers with single IP address.
Select SSL provider:
Many SSL providers are eagerly offering SSL certificates at cheapest price but with same quality SSL that you directly purchase from the certificate authority. You need to search a bit more to find your budget price SSL in this open SSL market. These market players offer support service for their customers as SSL certificate requires renewal after expiration. Therefore, a good support will always make their customers retain with them and some of them do not miss to provide customer support.
Decide Your SSL:
Always decide your need before buying SSL certificate, as you require single domain security or multiple domains security. Every SSL serves a different purpose. For example, if you have software or application and you want its code safety then Code signing certificate is ideal. On the other hand, if you have multiple domains and you need a single SSL solution then UCC SSL certificate will be fit to your need. If you are an incorporate organization and need highest validation certificate then you need to browse for EV SSL certificate.
After deciding type of SSL certificate, it is time to purchase and checkout from your SSL provider. Here, we have chosen SSL2BUY as an SSL certificate provider that has diversified product to match your need. You should first sign up and create an account then select the product from your account.
Once you select, purchase product, and checkout then, you will now have SSL configuration process. Configuration process involves CSR generation, private key generation, placing order, validation process, and finally issuance of the certificate.
Activate SSL certificate:
To activate SSL, CSR (Certificate Signing Request) should be created from the hosting server where your site runs. CSR should have —–BEGIN Certificate Request—– and —–END Certificate Request—–. CSR will also provide a private key that should be kept secretly because if the private key is compromised or revealed to an unknown person, he may decode the certificate with the private key. CSR should have below fields:
- Common name:
- Organization Unit:
All above fields should be filled necessary to create successful CSR. Once you create CSR, you need to copy the CSR including BEGIN and END tag with dashes and paste to required field. Then you should proceed with SSL configuration process.
You will be asked email that should be associated with a domain name. The certificate authority wants to check and validate domain name. It assures that you own the domain name rights. Once you validate domain name, the certificate authority issues SSL certificate to your email address.
Install SSL certificate:
Once you get the certificate in an email from the certificate authority, it is time to install SSL certificate finally on your server. Installation should be managed by yourself or by hosting provider. Let us say you own cPanel server and you want to install SSL on it then you need to follow below steps.
First, you should login to cPanel.
Click on SSL/TLS Manager generally found under the Security section.
Now, click on Generate, view, upload or delete SSL Certificates in the ‘Certificates’ section.
Now, import SSL certificate (domain.crt)that you received in email. You can copy and paste the content of certificate in given box or upload certificate directly by clicking on browse and upload.
After uploading certificate, click on Go Back.
Now, see on the bottom page and click on Return to SSL Manager.
Click on Setup a SSL Certificate to work with your site option under Activate SSL on Your Website (HTTPS) in SSL/TLS Manager page.
Select domain from the menu and the system will fetch SSL certificate and a private key associated with the domain name.
Finally, install CA Bundle (Root and intermediate) that was provided by the certificate authority. Click on Install Certificate button.
Check SSL installation with SSL checker:
SSL certificate is now installed on your website; you can see HTTPS and green padlock in the address bar. You should check SSL installation in SSL checker tool. The SSL checker will provide details about SSL certificate like SSL algorithm type, server type, key size, serial number, etc. When SSL is installed on your server, customers can easily do the transaction over your website in a secure environment.