To install an SSL certificate, you will first have to generate a private and public key. Then, you will have to enroll and upload the SSL certificate to your server. After that, you will have to configure the SSL certificate and verify HTTPS security for your domain.
For the unversed, an SSL certificate encrypts data between your website and its visitors, ensuring a secure connection. Moreover, an SSL certificate improves data security, boosts SEO rankings, and builds user trust. Read ahead to know how to install an SSL certificate.
What is an SSL Certificate?
A Secure Sockets Layer (SSL) certificate is a small data file that creates an encrypted connection between your website and visitors’ browsers. It ensures secure communication by protecting sensitive data like passwords, credit card details, and personal information. Websites with SSL display a padlock icon in the address bar and use HTTPS instead of HTTP.
How Does SSL Encryption Work?
A visitor’s web browser encrypts the information with a public key that only the permitted server can read. The server then decrypts the data with a private key.
Why Do You Need an SSL Certificate?
Here are the key reasons why installing an SSL certificate is essential:
- Safeguards sensitive information.
- Google favors HTTPS websites, improving their search engine rankings.
- HTTPS reassures users that your website is secure, boosting engagement and conversions.
- Websites with SSL certificates meet the security standards for e-commerce and data privacy regulations.
Pro Tip: Even if your site doesn’t handle sensitive data, get an SSL certificate to enhance your credibility.
Types of SSL Certificates
There are three main types of SSL certificates to consider before installation:
-
Single-Domain SSL Certificates
A single-domain SSL certificate protects only one domain. It cannot secure other domains or even subdomains. For example, if the certificate is for example.com, it wouldn’t secure subdomains like blog.example.com.
-
Wildcard SSL Certificates
Wildcard SSL certificates secure one main domain and all its subdomains. A subdomain is part of the main domain but starts with something other than “www.” For instance, example.com can have subdomains like:
- blog.example.com
- support.example.com
- shop.example.com
-
Multi-Domain SSL Certificates (MDC)
A multi-domain SSL certificate (MDC) secures multiple, completely different domains on one certificate. Unlike Wildcard SSL, these domains don’t need to be subdomains of the same site. For example, one MDC can secure both example.com and anotherdomain.com.
How to Install an SSL Certificate?
Securing your website with an SSL certificate ensures that data shared between the user and your site remains private. Here’s how to install an SSL certificate on your server:
Step 1 – Generate a Private Key
- Login to cPanel
- In the security section, click on SSL/TLS manager
- Under Private Keys (Key), click on Generate, view, upload, or delete your private keys
- Fix the Key Size to 2,048 bits
- Click on Generate
With this, you have generated the KEY for SSL.
Step 2: Generate a Public Key
- Navigate to Return to SSL Manager and click on Generate, view, or delete SSL certificate signing requests (under Certificate Signing Requests (CSR))
- Select the key that you have generated
- Enter the domain name for which you want to install SSL.
For instance, if you want to install the certificate for www.yourdomain.com, enter www.yourdomain.com in this field and not yourdomain.com.
- Fill in your company details (including the email address)
- Set a random alphanumeric passphrase (Like, abc123)
- Click on Generate
- Copy and Paste the Encoded Certificate Signing Request into a notepad file
With this, you have generated the CSR for SSL.
Step 3: Enroll the Certificate
- If you got your Digital Certificate or SSL from BigRock, you can refer to this article to enroll on your certificate.
- If you got it from another provider, you could contact them to enroll in the certificate using your generated CSR.
Step 4: Upload the Certificate
- Login to cPanel
- In the security section, go to SSL/TLS Manager
- Under Certificates, click on Generate, view, upload, or delete SSL certificates
- Click on Save Certificate
Step 5: Install the Certificate
- Click on Return to SSL Manager
- Under Install and Manage SSL for your website, click on Manage SSL sites
- From the drop-down, select the domain for which you have uploaded the certificate
- Click on Autofill by Domain
Now, based on your Digital Certificate, you need to copy the Certificate Authority Bundle (CABUNDLE) using the links given below –
- Positive SSL: Positive SSL CA bundle
- Comodo SSL: Comodo SSL CA bundle
- Positive SSL Wildcard: Positive SSL Wildcard
- Replace it with the existing CABUNDLE that you see on your cPanel
- Click on Install Certificate and then on OK
Congratulations! Your SSL certificate is installed. Give about an hour for the changes to reflect, and you will see your website resolved on HTTPS.
Troubleshooting Common SSL Installation Issues
Installing an SSL certificate isn’t always smooth, but understanding common problems can save time and effort. Below are some of the most frequent issues and how to address them:
1. Mixed Content Warnings
Mixed content occurs when some elements on your site (like images, scripts, or CSS files) still load over HTTP, even after installing an SSL certificate. This compromises your website’s security and prevents the browser from displaying the secure padlock icon.
How to Fix This Error:
- Manually update URLs from HTTP to HTTPS.
- Use automated tools or plugins like Really Simple SSL or other tools to detect and fix mixed content automatically.
- Run online scans using tools like Why No Padlock or SSL Labs to identify unsecured elements on your website.
2. Certificate Expiry
SSL certificates, especially free ones like Let’s Encrypt, often expire after a set period (e.g., 90 days). If you forget to renew them, your website will lose its secure status, causing users to see a “Not Secure” warning.
How to Fix This Issue:
- Use tools like Certbot to set up automatic renewals for Let’s Encrypt or similar certificates.
- Opt for a hosting provider that offers auto-renewals on their SSL certificates (both free and paid).
- Calendar reminders to manually renew your certificate before it expires.
3. Incorrect Installations
An SSL certificate won’t work if it’s installed incorrectly. Common mistakes include mismatched certificate files, incorrect server configurations, or failure to assign the certificate to the right domain.
How to Fix This Issue:
- Recheck certificate files like keys, certificates, and intermediate files provided by your SSL certificate provider.
- Reinstall the SSL certificate if necessary.
Protect Your Business with SSL
Hackers are always on the move, and your website could be the next target. Secure your business and customers’ data with an SSL certificate. BigRock offers a wide range of SSL certificate plans that secure your online experience and help you earn the green padlock of trust.
Still confused or want to share your thoughts? Leave a comment below!