SSL (Secure Sockets Layer) is a cryptographic protocol created by Netscape to provide communication security over the Internet. This protocol creates an encrypted connection between a web server and the end user’s web browser which allows private information to be transmitted without being eavesdropped, tampered or forged.
You are probably asking yourself now “ok RoseHosting, how can I use this protocol to improve my website security and increase my customers trust in my business?”.
Well dear and well respected reader, the solution is an SSL certificate which is a signature that digitally binds a cryptographic key to an organization’s details. As most of you probably know, installing an SSL certificate for your website is a must, especially when your business is represented by an e-commerce website, trading website, money transfer website etc… We can go on but you get the picture.
Once you install an SSL certificate for your website, the data is encrypted and allows for secure connections from your client’s web browsers and your web server.
Usually, when you see a green padlock for a website that you visited via your favorite web browser indicates that the website is using an SSL cert. However, websites that use SSL certs can also be recognized by a green address bar once you open them in the web browser.
Various research show that nearly 70 percent of online shoppers have changed their minds in ordering online due to a lack of trust in the transaction. When asked, many of them indicated that if there was a presence of a trust mark (green padlock or green address bar) they would have purchased the product they intended.
We know that making a successful SSL cert order can sometimes be very annoying and that is why in this article, we will cover all the steps needed for successfully ordering an SSL certificate through our website.
Find out what kind of SSL certificates we offer.
As you can see you have various brands to choose from. When choosing an SSL cert for a website, people narrow their choice according to their budget and certificate usage. So make your choice and then do the order. But first, let us explain something about certs and the order process.
SSL Certificates consist a public and a private key. These keys, together, establish an encrypted connection. An SSL certificate can be purchased from a certificate authority (CA) which is an entity that issues digital certificates to organizations or people after validating them.
So, in order to purchase a certificate, first you must create a certificate Signing Request (CSR). You can use our online CSR generator.
When creating a CSR the following information is needed:
- Country - State - Locality - Organization - Organizational Unit - Common name
Legend for the above needed information:
The Country value is a two-digit code, e.g. for the United States, it's US. State and Locality are the full names, e.g. Missouri and St. Louis respectively. The Organization name is your full legal company or personal name. The Organizational Unit is the branch of your company for which the SSL certificate is ordered. For example: management, finance, marketing, etc. The Common Name is a domain name like www.example.com.
Important notes:
- If you want your certificate to work for www.example.com your common name must be www.example.com. If you enter domain.com in the Common Name field, your certificate will only secure domain.com and will not secure www.domain.com
- When generating a CSR for a wildcard SSL certificate, the common name must start with an asterisk (*) e.g. *.domain.com
Now we will create a CSR for ‘testdomain.com’ so you can see how this should be done.
This is for educational purposes only, so you need to use real information when you generate a CSR. Below is an image from the information we entered during the CSR creation.
Once we clicked on GENERATE CSR, the certificate signing request was generated along with the private key as shown in the pictures below:
As you probably see already, you must copy the CSR and private key to somewhere save. You will need the CSR during your SSL Certificate order and you will need the private key for the SSL certificate installation later.
With this taken in mind, you already know how to generate a CSR along with the private key.
Your next step is to order the actual SSL certificate for your domain.
Once you have chosen the cert you want to purchase, click ‘ORDER’. A new page will be opened for you where you need to paste the CSR you already generated and to choose your server software.
Select Apache+OpenSSL from the ‘Select server software‘ options and paste the CSR in the respective field. If you noticed, once you pasted the CSR the Common Name value was automatically adjusted to the domain that the CSR was generated for. In our case ‘www.testdomain.com’ is the domain as you can see from the below image:
Now click on Continue to step 3 and fill out the information needed for your organization. Set the approval email to an email account that you have access to because the certificate approval email will be sent to that address.
The approval email is typically sent to the following addresses, called administrative email accounts:
admin@yourdomain.com administrator@yourdomain.com hostmaster@yourdomain.com postmaster@yourdomain.com webmaster@yourdomain.com
Where ‘yourdomain.com’ is the domain for the certificate that you are purchasing.
One thing that is good to know is that sometimes for the approval email to be sent to the proper email account, your domain WHOIS privacy needs to be temporarily disabled so the delivery will be successful.
Enter your Admin Contact information and click on Continue to step 4.
Next, choose your SSL certificate period (the period for which the SSL certificate will be valid) and proceed to step 5.
Fulfill the needed information such as email address, password, first name etc… choose your payment method and finish the order process.
Once your order is processed an approval email will be sent to the email address that you set during the third step. Then you will have to approve the certificate and validate your domain ownership by clicking on the unique link from the email. Once you click on the link to validate and approve the cert, the certificate authenticity is validated and the CA (certificate authority) will generate it and send it to the email address that you entered during step 5.
Please note that the validation process for the Extended Validation certificates is more complex, so be sure to familiarize yourself with the needed requirements.
Once you receive your SSL certificate along with the respective CA intermediate certs, contact us and our admins will install the SSL cert immediately on your server regardless on whether you have WHM/cPanel, DirectAdmin, Webmin or your Linux VPS is without a control panel.
Of course you won’t have to create the KEY and the CSR if you use one of our Linux VPS Hosting services, in which case you can simply initiate a chat session or create a ticket after which our 24/7 tech support will help you with the steps above. The only thing you’ll have to do yourself is order one of the SSL certificates we offer through our website.
PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.