How to get an SSL certificate: a step-by-step guide
If you’re running a website, make sure you know how to get an SSL certificate. An SSL certificate would protect your website’s traffic. That’s because an SSL certificate encrypts all of the data transmitted between a user’s web browser and your website. But how do you get and install an SSL certificate? It’s actually a pretty straightforward process!
In this guide to getting an SSL certificate, we’ll teach you how to get an SSL certificate for your website in just a few easy steps. We’ll walk you through the entire process, from acquiring the certificate to installing it on your server. So don’t hesitate any longer – follow these simple steps and get your SSL certificate today!
What is an SSL certificate?
Before we dive into how to get an SSL certificate, let’s first take a step back and answer the question: what is an SSL certificate?
SSL stands for Secure Sockets Layer. It’s a protocol for transmitting sensitive data over the internet. TLS, or Transport Layer Security, is the successor to SSL, but the industry has kept the SSL name.
When you visit a website that uses SSL/TLS, your browser will establish an encrypted connection with the server. This ensures that all of the data transmitted between your browser and the server remains private and confidential. SSL/TLS works by using a public key and a private key. The public key is used to encrypt the data, and the private key is used to decrypt it.
SSL certificates are what make SSL possible. An SSL certificate is a digital file that contains information about a website’s security, including the site’s domain name, company name, and location. When you visit an SSL-protected website, your browser will check the certificate to make sure that it’s valid. If everything looks good, the connection will be established. Then, you’ll be able to browse the site safely.
Why is an SSL certificate important for your website?
There are a few reasons. First of all, it’s a good way to protect your users’ data from hackers. If your site doesn’t have an SSL certificate, third parties can easily intercept any sensitive data (like passwords or credit card numbers) transmitted. That’s why it’s so important to have an SSL certificate if you’re running an eCommerce site. You want to make sure that your customer’s payment information is safe and secure.
Another reason to get an SSL certificate is that it can help improve your site’s search engine ranking.
Speaking of Google (and the other major browsers), another reason to get an SSL certificate is that it will help you avoid browser warnings. If you try to visit a website that doesn’t have an SSL certificate, you might see a warning message like this one from Google Chrome:
“Your connection is not private. Attackers might be able to see the info you enter on this site, like your password or credit card number.”
These warnings can scare away potential visitors, so you definitely want to avoid them if possible. The good news is that getting an SSL certificate is an easy way to secure your connection and get rid of these warnings.
Finally, having an SSL certificate can increase trust in your website. When users see the padlock icon in the address bar, they’ll know that your site is protected with SSL. They’ll also know that you’re serious about security and that their data is safe. That can go a long way towards building trust and confidence in your brand.
How to get an SSL certificate: a step by step procedure
Now that we’ve answered the question “what is an SSL certificate,” let’s get into how you can acquire one for your website. Here’s a step-by-step guide to getting an SSL certificate:
1. Choose a Certificate Authority
The first step to getting an SSL certificate is to choose a Certificate Authority (CA). A CA, such as GoDaddy, is an organization that issues SSL certificates. There are quite a few different CAs to choose from, so it’s important to do your research and select one that you can trust. Some things to look for in a CA include a good reputation, strong security measures, and customer support in case you have any questions or problems.
The reason why this step is number one, is because many people aren’t sure which type of SSL certificate they need. By first choosing a trusted certificate authority, you can get help finding the perfect certificate that meets your needs.
At GoDaddy, we’re proud to be one of the largest and most well-known CAs in the world. We offer a wide range of SSL certificates to secure any type of websites, and our customer support team are always on standby to help if you have any questions.
2. Pick the right certificate for your needs
The next step is to choose the right SSL certificate for your website. GoDaddy offers a variety of options, including DV, OV, EV, single-domain, wildcard, and multi-domain certificates.
Let’s dive into the different types of certificates available. These are categorized in two main ways – by validation level and by the number of domains secured. We’ll start by looking at the different levels of validation available:
- Domain Validation (DV): Domain validation certificates are the most common type. They’re also the easiest to get, as they only require that you verify your ownership of the domain.
- Organization Validation (OV): Organization validation certificates are a step up from DV certificates. In addition to verifying your ownership of the domain, you’ll also need to provide additional information about your organization. This usually includes your business name, address, and contact information.
- Extended Validation (EV): Extended Validation certificates offer the highest level of security. In addition to verifying your domain and organization, you’ll also need to provide proof that your business is legitimate. This can include things like tax ID numbers or business licenses.
Let’s look at the other main way that certificates are categorized – by the number of domains they secure. Here’s a quick overview of these options:
- Single Domain: A single-domain certificate is perfect for most small businesses. It secures one website on one domain, like www.example.com. If you have multiple websites or want to secure additional subdomains (like blog.example.com), you’ll need a Wildcard or multi-domain certificate.
- Wildcard Certificate: A Wildcard certificate is perfect for users who want to secure an unlimited number of subdomains on one domain. So if you have multiple subdomains (like blog.example.com, shop.example.com, etc.), a wildcard certificate is a good choice.
- Multi-Domain: A multi-domain SSL certificate is perfect for users or businesses with multiple websites. Use a multi-domain SSL to secure up to 5 different domains or subdomains. So if you have multiple websites, a multi-domain SSL certificate is a good choice.
Once you’ve chosen the right SSL certificate for your website, go ahead and complete the purchase. If you’re not sure which one is right for you, our customer support team can help you choose.
3. Verify that your website information is correct
The next step is to make sure that the information associated with your domain is correct. This includes things like your contact information, name servers, and more. You can check this using the ICANN Lookup tool. This information is important because it helps make sure that your domain is properly registered and that you’re the rightful owner. It is also used by the certificate authority to verify your identity when you’re getting an SSL certificate.
4. Generate a Certificate Signing Request (CSR)
Once you’ve completed the previous steps, the next step is to generate a Certificate Signing Request (CSR). This is a digital file that contains information about your website and your company. Your CA will use this information to generate your SSL certificate.
There are a few different ways to generate a CSR and it depends on which type of server and hosting you have. For specific instructions on CSR generation, it’s best to get instructions from your web hosting provider. Here is a list of instructions for generating a CSR with GoDaddy hosting.
Note: Are you going to be using an SSL certificate on the primary domain name of a GoDaddy shared hosting account? If so, you do not need to generate a CSR. GoDaddy will take care of that for you.
5. Request your SSL certificate
After you’ve purchased an SSL certificate and generated a CSR, it’s time to request your SSL certificate. Make sure the SSL certificate credit is available in your account. Then, request the certificate for the website’s domain name (or common name) that you want to secure.
Note: If you are requesting an SSL certificate for a primary domain on GoDaddy hosting, use our SSL wizard. This includes Linux (cPanel), Windows (Plesk), and Website Builder plans.
Otherwise, here are the standard instructions for requesting your SSL certificate with a certificate signing request:
- Go to your GoDaddy product page.
- Select Manage All next to SSL Certificates.
- Select New Certificate for the SSL credit you want to use.
- On the Certificate Setup page, select Input a CSR.
- Paste your CSR into the box and select Continue to open the Prove Domain Control page.
To finish, follow the prompts to complete the certificate request.
6. Verify your domain
Before you get your SSL certificate, you’ll need to verify that you’re the rightful owner of the domain name. This helps prevent someone from fraudulently requesting an SSL certificate in your name.
The verification process varies depending on which CA you’re using, but there are a few common methods:
- Email verification: The CA will send an email to the address listed in the WHOIS record for your domain. You’ll need to click a link or open an attachment in that email to confirm your ownership.
- DNS verification: The CA will provide you with a unique code that you’ll need to add to the DNS record for your domain. Once the code has been added, they’ll be able to verify that you have control over the DNS for your domain.
- HTML verification: The CA will provide you with a file that you’ll need to upload to your website. Once the file has been uploaded, they’ll be able to verify that you have control over the website.
Here are instructions on verifying your domain via email with GoDaddy. Alternatively, you can verify your domain using DNS or HTML.
7. Download your SSL certificate files
After your domain has been verified, the CA will issue your SSL certificate. Once it’s been issued, you can download it from the control panel or product section of your account.
Here are the instructions on how to download an SSL certificate purchased from GoDaddy:
- Go to your GoDaddy product page.
- Select SSL Certificates and select Manage for the certificate you want to download.
- Under Download Certificate, select a Server type and then select Download Zip File.
8. Install your SSL certificate
After you’ve downloaded your SSL certificate files, the next step is to install it on your server. The installation process varies depending on which type of server and operating system you’re using. But, in simple terms, you’ll need to upload the certificate files to your server and then configure your server to use the certificate.
For specific instructions on how to install your SSL certificate, it’s best to consult your web hosting company or server documentation. Here are instructions for installing an SSL certificate on a wide range of servers, including cPanel, Apache (Linux), Microsoft, and more.
Note: If you’re using GoDaddy’s Managed WordPress or Website Builder hosting, your SSL certificate is automatically installed for you.
9. Redirect to HTTPS
If you’ve installed your SSL certificate, the next step is to redirect your traffic from HTTP to the HTTPS version of your site. This will ensure that all traffic to your site is encrypted with SSL.
The best way to do this depends on how your website is set up and which web server you’re using. Many web hosting providers offer tools that can help with this, or you can add a line of code to your .htaccess file.
Here are instructions on modifying your .htaccess file so that your visitors are automatically redirected to the HTTPS version of your website:
- cPanel users: Redirect cPanel website to HTTPS
- Linux Hosting: Redirect WordPress website to HTTPS for Linux Hosting
- Windows Hosting: Redirect website to HTTPS in Windows Hosting
- Redirect WordPress website to HTTPS for Plesk hosting
With GoDaddy Managed WordPress Hosting, you don’t need to do anything to redirect traffic from HTTP to HTTPS. We handle it automatically for you.
10. Check your SSL installation
After you’ve installed your SSL certificate, it’s important to check that the installation was successful. You can do this by opening a browser and going to your URL. A padlock will display next to your URL to show that your site is secure. If so, congratulations! You have properly installed your certificate and your site is now secure.
However, if something doesn’t seem right, you’ll need to find and address the issue. Here are some of the most common SSL certificate problems you may run into:
- Not secure or mixed content warnings: These warnings usually mean that your site is loading some resources over HTTP, instead of HTTPS. To fix this, you’ll need to find the resources that are being loaded over HTTP and change them to HTTPS.
- There is no padlock symbol: If you don’t see a padlock, it may mean that your SSL certificate isn’t installed correctly. Try: checking your HTTPS redirect settings, rekeying your certificate, or reinstalling your certificate.
Visit this SSL installation help page for more info or to get in touch with our help team.
Once you’ve completed all of these steps, your website will be fully protected with SSL. Your users’ data will be safe during transmission. You’ll also be able to take advantage of the improved search engine ranking and trust that comes with having an SSL certificate.
Is an SSL certificate mandatory for your website?
Yes, an SSL certificate should be considered mandatory for any website owner. This is because without an SSL certificate, your site is vulnerable to data breaches and cyber attacks. In addition, Google now requires all websites to use HTTPS in order to rank highly in search results. If it’s not encrypted with SSL, visitors will see a warning message when they try to access your site.
So, an SSL certificate is important for security reasons. But it’s also necessary for good SEO and to build trust with your visitors. Afterall, the majority of visitors will not advance past a browser’s warning page. That’s why SSL is especially critical for any online business or eCommerce store. If you’re asking people to input sensitive information on your website, they need to know that it’s safe to do so.
Cost of an SSL certificate
The cost of a premium SSL certificate can vary depending on the type of certificate you need and which certificate authority you purchase it from. For a basic Domain Validation (DV) SSL certificate, prices typically start under $100 USD per year.
If you have a larger website or eCommerce store, you may need an Extended Validation (EV) certificate. Or, to secure multiple domains or subdomains, you’ll need either a SAN or Wildcard certificate. Each of these vary in price.
Free SSL vs. Paid SSL Certificates
While there are some free SSL certificates available from sources like Let’s Encrypt, they’re generally not recommended for most website owners. Why? Because free certificates come with a number of risks and limitations. For example, with a free certificate, you’ll likely have to renew it more often. This means you have more chances of forgetting to renew on time. Thereby, leaving your site vulnerable.
Also, there typically isn’t any support available since you’re not paying for the certificate. And, free certificates can be difficult to install.
Paid certificates, on the other hand, offer more features and peace of mind. They also come with support from the certificate authority in case you have any problems or questions.
So, while free SSL certificates might save you a little bit of money upfront, they may cost you more in the long run. Not to mention, the hassle of more frequent maintenance required with free certificates is a turn-off for many people.
For most users, it’s definitely worth it to pay for a quality SSL certificate.
How long does it take to get an SSL certificate?
The process of getting an SSL certificate varies depending on the type of certificate you need. For instance, Domain Validation (DV) certificates are typically issued within a few minutes.
Organization Validation (OV) certificates usually take a bit longer to issue, typically around 3-5 business days. This is because the CA needs to verify your business before issuing the certificate.
Extended Validation (EV) certificates take even longer since there’s even more verification required. However, you can get an EV SSL certificate from GoDaddy in as little as 7 days.
Why get your SSL certificate from GoDaddy?
GoDaddy is one of the biggest and most well-known names in the web hosting and domain name industry. We are also a trusted CA with over 20 years of experience providing the highest-quality SSL certificates. We offer a wide range of certificates to fit the needs of any website, and our 24/7 customer support team is always here to help if you have any questions.
Purchasing an SSL certificate from GoDaddy is quick, easy, and affordable. You can choose from a variety of different types of certificates, depending on your needs. We also offer a number of different options for how you want to install your certificate. You can do it yourself or our customer support team can help you every step of the way.
Once you’ve decided which type of certificate you need and how you want to install it, you can purchase your certificate and have it up and running in no time.
Hopefully, we’ve cleared up the topic of how to get an SSL certificate! So what are you waiting for? Encrypt your website today or ask our experts for help. Click to get started:
- Get your SSL from GoDaddy
- Contact our SSL Support Team via Live Chat
- Read our guide on SSL certificate