You Need To Buy And Instal SSL Certificate For Your Website, Here's How

Over the last few years, the internet has gone through a transition from optional secure protocol HTTP and HTTPS to such a scenario in which one cannot own a website if not secured with SSL Certificates. The reason is that Google started to display an alert message in the Chrome Browser whenever a user visits any website URL started with HTTP instead of HTTPS. So, you should buy an install an SSL certificate on your website to ensure it follows web security standards.

Buy new SSL Certificate

Firstly, look for a good provider of SSL Certificate. The service cost is relatively lesser, ranging from Rs 2,115 to Rs 7,050 ($30-$100) per year.

Some providers of SSL Certificate are:

• Let's Encrypt: It is free of cost, but you need to re-upload the Certificate frequently for renewing it.
• Digicert: This is an inexpensive basic SSL to a pro version suitable for big websites.
• Comodo SSL: It is expensive, but it offers several additional features.
• GoDaddy: This is well known for its web domain service. It sells website certificates too.
• RapidSSL: Symantec runs this service. It also offers some of the cheapest SSL options.
• Network Solutions: This provides a pocket-friendly basic SSL certificate for small websites. Besides, it provides expensive options, exclusively for the larger organizations.

For purchasing the SSL Certificate, you need to provide your domain's name, the IP address of your web server. The user will get three information pieces after purchasing the SSL Certificate.

The first one is a Certificate (CRT) that verifies the authenticity of secure websites from the servers of the certificate provider. The second one is a Private Key (KEY) that plays the role of a "key" used for encrypting and decrypting the details of your Certificate when any visitor visits the Website. The key helps to encrypt the communication between your web server and the web browser of a visitor. The third piece is the CA Bundle. It bundles up all intermediate certificates which make the entire encrypted SSL certification task.

As soon as you have all the three pieces of info from SSL provider, install the SSL Certificate on the Website.

Installing the SSL Certificate

First of all, log in to your account on the web hosting and launch the control panel. From Security, choose SSL/TLS Manager.

In the window of SSL/TLS Manager, choose Manager SSL sites link placed at the bottom.

Scroll down till you see 'Install an SSL website' in the window of Manager SSL Hosts. In this section, use the dropdown for choosing which host you wish to apply your SSL Certificate to. In every field for a Private Key, CA bundle, and Certificate, enter the long text entries that you received at the time of purchasing SSL Certificate.

When done, select 'Install Certificate' which is at page's bottom.

Now the installation of SSL Certificate for that particular domain is done. This will work when any visitor types the domain with https in its front.

Force visitors of your site to use SSL

Now, any visitor who has already visited the website will use their old bookmark which contains 'http' in its domain. In Chrome, a visitor will see a security warning that the site is not safe.

This may result in the loss of many visitors, as they would not trust the website. You can make it right by forcing the visitors' browser for modification of URL to maintain https in the front all the time.

In Files of Control Panel, double click on File Manager to launch it. Now, navigate to the web directory's root level. At this place, you will find .htaccess file. Now, right-click on the file and select Edit from the dropbox.

The .htaccess is a file which controls the behavior of the webserver whenever anyone visits the site. All you need is to add a special code to the file so that the browser of the visitor is forced to use the https rather than Http.

In default editor, the Edit mode opens .htaccess file on local computer.

On the top of your file, insert this code:

"# START FORCE HTTPS

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

# END HTTPS"

On closing the file, a message to save the file will pop up. Confirm to save the file. A new .htaccess file will be active. The users are now forced to access your website via HTTPS.

Now, open the browser. Type in the domain of the site.

If your SSL Certificate is not facing any issue and working correctly, you will find a lock icon in Chrome. This means your site is loading through the encrypted and secure HTTPS protocol.