Nowadays, it is almost impossible to run a successful website without securing it with SSL. When you buy an SSL certificate, you will gain several benefits, chief among them being the ability to enable HTTPS. You will also be increasing your visitors’ trust in your site and you may even start ranking better in search results!
To top it all off, these days it is easier to get an SSL than ever before. And if you are on a tight budget or you are just starting your website, you can save money by taking advantage of a completely free SSL certificate.
In this article, we will briefly list the most important reasons you should consider buying an SSL. We will then proceed to show you how to get an SSL certificate on our hosting platform. You can read the entire article if you wish, or you can jump to the section that interests you:
- Why Do I Need to Get an SSL Certificate?
- What Are the Differences Between Paid and Free SSL Certificates?
- Should I Get a Paid or a Free SSL Certificate?
- What Are the Requirements to Use an SSL Certificate?
- How Can I Get an SSL Certificate?
- What Should I Consider When Buying an SSL?
- Can I Use a “.well-known” Folder for Authentication During the SSL Issuing Process?
- Can I Get an SSL Certificate for a Subdomain?
- Can I Use a Single SSL Certificate With Multiple Hostnames?
Why Do I Need to Get an SSL Certificate?
Getting an SSL certificate will have a positive effect on your website thanks to several important SSL features. These are:
- data encryption ensures that all information between your site and your visitors is transmitted in a secure manner.
- better search ranking in major search engines like Google.
- accepting online payments on your site using credit and debit cards as well as other payment methods.
- increased user trust makes your visitors more comfortable when it comes to sharing personal or sensitive information.
- proof of legitimacy showing that your website is authentic and not a scam or a phishing attempt.
- enhanced brand recognition that sets your site apart from competitors with less secure websites.
What Are the Differences Between Paid and Free SSL Certificates?
Earlier in the article, we briefly mentioned that is possible to get an SSL certificate absolutely free of charge. With that in mind, you may be wondering why you should pay for an SSL certificate when you can get one without a price tag.
Generally speaking, there are four major differences between paid and free SSL certificates:
- certificate duration – most free SSL certificates expire in 1-3 months while paid SSL certificates usually last 1-2 years.
- level of support – due to the sheer number of users employing free SSL certificates, most free SSL providers offer minimal technical support or sometimes no support at all. SSL certificates that cost money, on the other hand, always have dedicated support teams that are ready to assist you in case you run into any issues.
- level of authentication – free SSL certificates offer only the most basic domain-level authentication. This means that a free SSL will only vouch that you are the owner of the domain name in question. In contrast, some paid SSLs can perform extensive validations of the company or organization that has requested the SSL.
- warranty – as you might imagine, free SSL certificates come as-is with no implied warranties. If something breaks on the issuer’s side and your free SSL becomes invalid, there will be no recourse available to you. With a paid SSL, on the other hand, you will be eligible for monetary compensation. The compensation amount will vary depending on the severity of the issue and the particular SSL that you have purchased.
One of our core beliefs is that SSL makes the web a safer place. As such, we have taken steps to mitigate some of the drawbacks of the free SSL certificate option.
When you host your domain on AwardSpace and get a free SSL certificate from us, we will handle all certificate renewals for you. What is more, our 24/7 Technical Support Team is ready to assist you in case you have any issues with your SSL. All that you need to do is to make sure that you are using one of our paid hosting plans to take advantage of our free SSL features.
Should I Get a Paid or a Free SSL Certificate?
As a general rule, we recommend getting a free SSL certificate if you:
- run a small blog or a personal site.
- have a portfolio or a CV online.
- are still in the process of building and testing your website.
Conversely, a paid SSL certificate will be better suited if you:
- run an online store.
- perform any financial transactions on your site.
- collect sensitive information such as bank or contact details.
- own or manage the online presence of a large company.
In the sections below, we will provide instructions on how to get a paid or a free SSL certificate, but before doing so, we will briefly touch on the requirements that must be met to activate an SSL certificate.
What Are the Requirements to Use an SSL Certificate?
Using an SSL is a premium feature. As such, you need to be using one of our paid hosting plans or Semi-Dedicated servers. If you happen to be using our free website hosting service, you should consider upgrading as our free hosting does not support SSL.
Additionally, each SSL certificate requires the use of a Private IP address. Therefore, purchasing a Private IP is necessary for the activation and continued operation of the SSL certificate. For additional information, read our article on what happens if the IP for SSL expires.
Now that you have an idea of the requirements that must be met to use an SSL, you can proceed to learn how to get an SSL certificate for your website.
How Can I Get an SSL Certificate?
Depending on your preference and needs, there are three ways you can obtain an SSL – you can get a free SSL certificate from AwardSpace, purchase a premium SSL from AwardSpace, and upload a custom certificate that you have acquired through a third party. We will examine each approach in greater detail below.
How Can I Get a Free SSL Certificate?
To get a free SSL certificate through AwardSpace, follow the steps below:
- Go to the SSL Manager section of the Control Panel.
- Click on the domain name that you wish to secure with SSL.
- Open the Upload Your Certificate tab.
- Scroll past the Certificate, Private Key and CA Certificate fields and click on the Create Free Certificate button.
Once you click on the Create Free Certificate button, the free SSL certificate should be automatically installed and in a few moments, you will see a notification that the installation has been completed successfully. If you receive an error message instead, make sure that your domain name is using our nameservers, wait an hour, and then try creating a free SSL certificate one more time. If the issue persists, you can get in touch with our 24/7 Technical Support Team for further assistance.
How Can I Get a Premium SSL Certificate?
You can get a paid SSL by performing the steps outlined below:
- Go to the SSL Manager section of the Control Panel.
- Click on the domain name that you wish to secure with SSL.
- Open the Buy SSL Certificate tab.
- Click on the Get an SSL Certificate button.
- You will be taken to a page where you need to place a checkmark before the name of the SSL that you wish to purchase. Currently, we offer the following premium SSL certificates:
- RapidSSL
- GeoTrust QuickSSL
- GeoTrust QuickSSL Premium
- GeoTrust True BusinessID
- GeoTrust TrueBizID with EV
- GeoTrust TrueBizID Wildcard
You can check the GeoTrust SSL comparison page to get more information on the differences between the various paid SSL options. If you are still unsure which certificate to pick, you can contact our 24/7 Sales Team for a quick consultation.
- After you have placed a checkmark before the SSL that you intend to purchase, enter the domain name that you wish to secure in the Hostname field that pops up.
- Scroll to the bottom of the page and place a checkmark before the IP for the SSL option.
- In the Hostname field, enter the same domain as you did earlier.
- Press the Continue button.
- Select a payment method, verify that your billing information is correct, and proceed with the payment.
- Once the payment is made successfully, allow a few hours for the SSL to be issued. Our Sales team will install it on your domain name on your behalf.
How Can I Get an SSL Certificate From a Third Party?
The great thing about our hosting platform is that it is compatible with most third-party SSL providers such as Comodo, Digicert, GeoTrust, GlobalSign, Thawte, and others. So if you decide not to use our built-in SSL solutions, you may do so. The main downside of getting an SSL certificate through a third party is that you will need to install the SSL manually.
Follow the steps below to learn how to get and install an SSL certificate from a third party:
- In most cases, you would need to generate a CSR. A CSR (Certificate Signing Request) is commonly used while issuing your SSL certificate. You can generate a CSR using the SSL Manager. For more information on this process, you can check our guide on how to generate a CSR.
- With the CSR now ready, you can contact your SSL issuer and ask them to issue your SSL. At some point in this process, you will be prompted to specify the type of web server that is powering your site. You need to select Apache + MOD_SSL.
- Depending on your SSL issuer, it may take anywhere from a few minutes to a few days for your SSL to be issued. Once your SSL is issued, go to the SSL Manager section of the Control Panel.
- Click on the domain name where you wish to upload your custom SSL certificate.
- Open the Upload Your Certificate tab.
- Paste the values of your SSL certificate into the Certificate, Private Key, and CA Certificate fields. If you have trouble doing so, read our tutorial on how to install a custom SSL certificate.
- Once you have pasted the SSL values, press the Upload SSL Certificate button.
- If everything goes well, you should see a confirmation message informing you that your SSL certificate was successfully uploaded. If you run into any issues, you can always contact your SSL provider or our Support Team for help.
Getting an SSL certificate from a third party gives you a lot of choice and freedom to pick the certificate that is right for you. However, not all certificates are created equal. In the section that follows, we will discuss some SSL characteristics that you should keep in mind when buying an SSL certificate.
What Should I Consider When Buying an SSL?
The SSL certificates offered by different vendors can vary in their features, compatibility, and security. Below, we will show you how to get the right SSL certificate by listing a few noteworthy features that your SSL should support:
- Server support. An SSL certificate will be of little use to you if it is not compatible with the server that powers your site. As such, making sure that the SSL can be installed on the server is a must. Our servers use Apache + MOD_SSL.
- Intermediate CA certificate availability. Intermediate CA certificates are optional parts of the SSL, but they increase web browser compatibility. Your SSL issuer should be able to provide you with an Intermediate CA certificate along with your main certificate. To learn more, read our article on what is the purpose of the CA certificate.
- SHA-256 support. SSL certificates are only as strong as the cryptographic algorithm that they are using. You should get an SSL that comes with SHA-256 (also known as SHA-2) and steer clear of any SSL providers that still offer SSLs that use SHA-1. You can get more information on SHA-1 and SHA-256 in our article on how to upgrade an SSL from SHA-1 to SHA-256.
- Support for www/non-www. Some SSL issuers may be able to issue a certificate only for the “www” or “non-www” version of your domain name and not both. You can learn what the implications are of this partial support in our article on whether separate SSLs are needed for the “www” and “non-www” versions of your domain. The good news here is that even if your SSL supports only one version of your domain name, you can learn how to redirect all traffic to the SSL-enabled version.
Can I Use a “.well-known” Folder for Verification Purposes During the SSL Issuing Process?
When you apply for an SSL certificate, the issuer needs to carry out essential verification to prevent fraud. The most basic verification is proving that you are the owner of the domain name that you are requesting an SSL for.
Verifying that a person or a company owns a specific domain name is often conducted via ACME challenges. The most commonly used ACME challenge is referred to HTTP-01 and it involves uploading a special file into a folder titled .well-known on the server. Unfortunately, on our shared hosting platform, this folder is reserved and cannot be used for domain verification.
There are two possible solutions to this restriction. You can either upgrade to a Virtual Private Server package or you can use a different ACME challenge. We recommend using the DNS-01 challenge which instructs you to add a specially-crafted TXT record to your domain’s DNS. This can be achieved using the Domain Manager section of our Control Panel.
Can I Get an SSL Certificate for a Subdomain?
Yes! The process of securing subdomain names is identical to securing regular domain names. So once you learn how to get an SSL certificate for a domain name, you can use the same steps to protect your subdomains as well.
Can I Use a Single SSL Certificate With Multiple Hostnames?
There is a special kind of certificate called a wildcard SSL certificate that is able to secure all subdomain names out of a given domain name. Currently, we offer GeoTrust TrueBizID Wildcard which is a premium SSL certificate that can protect one domain name as well as all subdomains created out of that domain.
At this time there are no mainstream SSL certificates that can protect multiple domain names at the same time. As such, if you are looking to secure two or more separate domains, you should consider purchasing an SSL certificate for each.
Conclusion
Learning how to get an SSL certificate and using the SSL to secure your domain or subdomain are essential steps in running a successful website. The sheer number of benefits that an SSL can bring you makes it well worth the effort. In fact, we recommend that all website owners get an SSL certificate even if no sensitive information is stored or transmitted through the site.