How to add an SSL to your website — The ultimate guide on SSLs
You’ve finally done it. After hours of design and testing, your website is finally ready to be launched. But, in the back of your mind, you know you’ve been putting off that one last step: adding an SSL to your website. Since 2018, SSLs have become required features for Safari, Chrome and Firefox, so most web designers are very familiar with SSLs by now. If you’re new to the web design world, however, SSLs can feel daunting.
In this guide, we’ll cover what an SSL is, how you can add an SSL to your website, and tips for getting the most out of your SSL.
- What is an SSL?
- How to add an SSL to your website.
- Potential SSL installation issues.
- Or, save the time and hassle and have us do it for you.
What is an SSL?
An SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between networked computers. The SSL itself is a digital document that ties the identity of a website to a cryptographic key pair, which includes a public key and a private key. The public key allows a web browser to start an encrypted communication session with a web server via the TLS (Transport Layer Security) and HTTPS (Hyper Text Transfer Protocol Secure) protocols. The private key is kept secure on the server and is used to digitally sign web pages. Put more simply, an SSL tells your customers that it’s safe to browse, shop and enter their secure information on your site. And for websites without an SSL? Here’s the warning that visitors will see: An SSL certificate will also impact your website’s SEO (search engine optimization). Sites without an SSL installed will be deemed as lower-trust websites and will be penalized on search rankings. Give your viewers confidence and keep your site secure with an SSL. Related: Top 5 SSL issues to understand (and avoid)
How to add an SSL to your website
Let’s take a look at the process for setting up and installing an SSL on various server types below. Note: This is a technical process, so if assistance is needed, click here.
Request your CSR
The first step to setting up your SSL will be requesting a CSR (Certificate Signing Request) from your hosting provider. Note: If you’re installing your SSL to the primary domain of a GoDaddy hosting account, your CSR is generated automatically. When generating a CSR, you’ll need to provide specific details. These are the details you’ll need to be prepared to provide:
The fully-qualified domain name, or URL, you want to secure. Note: If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.
The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor’s name. Note: While this is a required field for CSR generation, the organization field is only vetted with Organizational Validation (OV) and Extended Validation (EV) SSL types. Not sure which cert type you need? We can help you determine the best fit for your business with our SSL selector tool.
Name of the city where your organization is registered/located. Do not abbreviate.
Name of the state or province where your organization is located. Do not abbreviate.
The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.
Generating your CSR
The process of requesting a CSR will vary by server type. Our Help Center has general guides for the most common server types, but if you do not see your particular server listed, you will need to refer to the documentation for your specific server for details on generating a CSR.
Set up your SSL
Once you have your CSR generated, it’s time to set up your SSL certificate.
Request your SSL
You’ll need to have your CSR handy for this portion of the setup:
- Go to your GoDaddy product page.
- Select Manage All next to SSL Certificates.
- Select New Certificate for the SSL credit you want to use.
- On the Certificate Setup page, select Input a CSR.
- Paste your CSR into the box and select Continue to open the Prove Domain Control page.
- Leave everything as it is and select Continue.
- On the Additional Options page, select the Certificate Issuer you want to use. The only thing that changes is who the certificate is issued by. Your certificate will function the same regardless of what you choose.
- Read the Subscriber Agreement, select the checkbox for I agree to the terms and conditions of the Subscriber Agreement, and then select Continue.
Verify your SSL request
Before we can issue your certificate, we’re required to verify that you control the domain that you’re using for your SSL request. This is to ensure that the SSL request is being made by an approved entity. How you prove your domain control depends on if your certificate and domain are in the same GoDaddy account. Here are in-depth guides for both options:
- My certificate and domain are in the same GoDaddy account
- My domain isn’t in the same GoDaddy account as my certificate
Download your SSL files
If you’re manually installing your SSL certificate on your hosting account or server, you need to download your primary and intermediate certificates from the SSL dashboard. If the option to download your SSL certificate is disabled, we’ve already installed the certificate for you.
- Go to your GoDaddy product page.
- Select SSL Certificates and select Manage for the certificate you want to download.
- Under Download Certificate, select a Server type and then select Download Zip File.
Install your SSL
Now that you have your SSL files, it’s time to install your SSL. This process will vary based on your server type. We have instructions for the most common server types in our Help Center, but you will need to contact your hosting provider if your server configuration isn’t listed.
Redirect HTTP to HTTPS
With the SSL installed, the next step will be to redirect your site to HTTPS. For those using Managed WordPress, this update will be automatic. If you’re using a non-managed installation of WordPress or a different type of server, you can find the redirect steps here.
Potential SSL installation issues
After installing your SSL and redirecting to HTTPS, it’s time to test your website for some of the common issues after installation. Here are the top issues to check and resolve:
SSL certificate not found
If your SSL is installed incorrectly, your visitors may see a “certificate not found” error.
HTTPS redirect failure
A site not properly configured for SSL can lead to a redirect failure error message being shown to visitors trying to find your site
SSL certificate mismatch
Error message occurs if the site isn’t properly validated prior to completing your SSL certificate installation.
If your website’s source code is pulling in other resources with insecure HTTP protocol (such as images, videos, stylesheets, or scripts) your site will not load correctly.
Or, save the time and hassle and have us do it for you
If the steps to add an SSL to your website feels overwhelming, or you just have better things to do with your time, GoDaddy can handle the installation for you.
GoDaddy SSL Setup Service
This one-time service includes the following features:
- Installation and configuration of the SSL to the server.
- Provide necessary redirection to HTTPS.
- Update all mixed content to ensure the SSL padlock shows in browser address bars.
- Update the sitemap so that Google recognizes that the site is loading securely over HTTPS.
- If the site has a firewall, update the WAF settings to ensure full encryption.
It’s important to note that GoDaddy SSL Setup Service requires that the website be hosted on a server with a control panel. If the hosting provider does not provide a control panel, then we will be unable to install the SSL. Additionally, this service can only be used for a single installation. If other servers require SSL installation, then additional services will need to be purchased.
GoDaddy SSL Managed Service Add-on
The SSL Managed Service Add-on includes all of the features of the GoDaddy SSL Setup Service, but also includes the following:
- GoDaddy provides ongoing support for any changes that are made to the website to ensure that your website remains fully encrypted for the length of the product subscription (for example, fixing mixed content errors that can occur at any point when new content is added to a site).
- Ensure the SSL certificate is reissued at the end of each validity period to ensure that there is no gap in protection.
If there are any issues that need to be addressed, SSL Managed Service customers can simply create a help ticket in their SSL dashboard and our professionals will work to quickly address the issue. SSLs can seem daunting, but they don’t need to be a roadblock for you or your business. Need help with your SSL installation? Give our Customer Care agents a call and let us handle the heavy lifting. This article includes content originally published on the GoDaddy blog by Robby Prochnow and Tom Rankin.
Image by: Nadine Wiese