What is SSL and How To Install It On Your Website
7th February 2019
SSL is now widely used on websites across the Internet as a method of securing websites and its sensitive data. Here we will discuss what exactly SSL is and how we can install it on your website for free.
SSL stands for Secure Sockets Layer and is an industry standard protocol that provides security over Internet communications. SSL provides a secure connection between two machines or devices on the Internet, for example between a web browser and a web server.
SSL allows data that is sent between the server and the browser to be encrypted, which means that hackers can not intercept sensitive data such as passwords or credit card details.
We can tell if the website that we are on is using SSL as it has the padlock image and the word "Secure" next to the address bar. The website address will also have the letters "https" at the beginning.
Technically, SSL was updated in the late 90's to a new technology called TLS (Transport Layer Security). You may find some companies using the two terms interchangeably.
Aside from browser security, SSL also can secure email communication via Outlook Web Service as well as Exchange. SSL can also be used in conjunction with SFTP to ensure uploading files to a web server is done in a secure manner.
How to Install
The installation of SSL on your website can be done in a few simple steps. In order to complete the following steps, you will need to have access to the files on your server, either via CPanel or SFTP.
First of all, head over to ZeroSSL, (https://zerossl.com) this is where we will get our security certificate from. Click the 'Online Tools' button to start the process, and then at the Free SSL Certificate Wizard section, click the 'Start' button.
Then in the Domains field enter the name of your domain with and without the www, with a space in between e.g. "declankay.com www.declankay.com". Check both boxes for the Service Agreement and the Terms of Service, then click the 'Next' button.
Click the Download button to take a copy of the Certificate Request. Then click the Download button to take a copy of the Private Key, then click 'Next'.
Then, we want to download both the certificates for the www and non-www version of your website. To do this, click the download button beside each domain.
Now we have the two certificates for the domains, we want to upload both of these files to the server where your website lives. To do this on GoDaddy CPanel, go to File Manager and then find the 'public_HTML' folder. Inside this folder, we want to create a new folder called ".well-known". Inside this folder again, we want to create a folder called "acme-challenge". Inside this folder, we want to upload both the certificates that we downloaded previously for both www and non-www domains.
Alternatively, the files on the server can be accessed via SFTP, rather than on CPanel, as shown below:
To test that the certificates are working correctly, you want to click the link next to the download button for the www and non-www domains. Once we click the link, the key should appear on the screen. If this does not show, then ensure that the folders have been setup as explained previously. If both the keys show, then you are ready to proceed.
Now that the www and non-www certificates are uploaded to the server, we want to install the certificate. To do this on GoDaddy CPanel, go to the Security section and then click the 'SSL / TLS' button.
Then under the 'Install and Manage SSL for Your Site' (HTTPS) header, click the Manage SSL Sites link. In the Certificate Installation page, we have three inputs: Certificate, Private Key and Certificate Privacy Bundle (Cabundle).
Take a copy of the Certificate in ZeroSSL, which starts with the text 'Begin Certificate', and paste it into the Certificate box on GoDaddy. Then go back to ZeroSSL and copy the Privacy Key, which starts with the text 'Begin RSA Private Key', and paste it into the Privacy Key box on GoDaddy. Then finally, on GoDaddy, go to the Certificate box and scroll down to where it says 'Begin Certificate'. Note that it says 'Begin Certificate' on two occasions, take a copy of the text from the second occurrence. Then, paste it into 'Certificate Privacy Bundle (Cabundle)' box.
Once complete, please note that you should see a small green tick beside each of the three inputs. If you do not have this, then please go over these steps again. If you have the three ticks, then you are ready to proceed by clicking the 'Install Certificate' button.
An alert will then pop up that confirms the install of the certificate with the message 'SSL Certificate Successfully Updated'. Additional details are provided such as your domain and email details.
Then if we preview the website in the browser and update the URL to use https, the green padlock will appears beside the domain name. Please note, you may need to clear the browser cache as this can sometimes prevent the secure version of the website from loading.
The SSL certificate is ready to use for 90 days on your website. It can be renewed whenever you want to, and can be done by following the steps that we have just completed. I would recommend setting up a reminder on your calendar for a couple of days before it is due to expire, so you can renew in plenty of time.
Now that the SSL certificate is setup, your website is now better secured against any potential attack and the sensitive data is safer than before. If you need any extra support, you can check out the ZeroSSL Documentation.