Secure Sockets Layer (SSL) is a cryptographic Internet protocol that provides a secure connection (an encrypted link) between a web server and a browser. This secure link ensures that all data transfered from the browser to the web server, and vice versa, is integral and private. It is one of the first steps that you should take in making sure that your web hosting is secured.
Before transmitting the information via SSL secured page, it is coded with a unique key and after the information is received, the same key is used to decode the data. SSL is a standard security technology used by millions of web sites on the Internet. URLs that are secured with an SSL certificate start with https, instead of the common http.
The main application for SSL certificates is securing pages that obtain sensitive data from the site visitors – payment details, personal information, etc. You can purchase and manage SSL certificates using the Site Management > SSL menu of the web hosting control panel.
The SSL certificate contains information about the domain name, the company/personal name, the address (including the city, the state and the country) of the company or person it is issued for as well as the expiration date of the Certificate and information for the Certification Authority that has issued the Certificate. When a connection to a secure site is established the browser retrieves the site”s SSL Certificate and checks if it is expired, if it has been issued by a trusted Certification Authority, and if it is being used by the website it has been issued for. A warning will be dispayed by the browser if any of the checks fail and it will inform the site visitor that the page is not secured by SSL.
How to activate SSL for my domain/subdomain
SSL is used to secure the connection between your website and the customer”s computer. It is recommended when you have an online form which gathers personal or sensitive information from your website users, such as billing and registration details, for example. Although it is not a definitive requirement to have SSL in such cases, it is a way to protect the data of your users and it is valued and even demanded by many customers.
To activate SSL for your domain (or subdomain) you need to install an SSL certificate for it. To be able to install SSL for any domain it must have a dedicated IP address.
Assuming that you already have a dedicated IP for your domain, here is what you must do to activate SSL:
Step 1: Purchase a certificate
You can purchase an SSL certificate by going to My Domains > SSL Certificates > Order Certificate tab on your web hosting control panel. Input the following details in the order form:
CSR stands for ”Certificate Signing Request” or ”Certification Request”. It represents a message in encoded format that is sent by applicant [you] to a certificate authority in order for an SSL certificate to be generated. It contains information such as FQDN [Fully Qualified Domain Name], e-mail, country etc. Private key is not included within CSR but is equally important thus used to sign digitally a certificate. Remember that upon CSR creation Private Key is generated as well.
Basically, before purchasing an SSL Certificate, you need to set up a Certificate Signing Request (CSR) from your web hosting control panel. This can be easily done from Site Management > SSL > Generate CSR tab on your web hosting control panel. If you purchase your SSL certificate with us, which is done from the Order Certificate tab in the same section, the CSR and the Private key will be generated automatically, but you still have to provide the details for the CSR in the SSL order form.
- Organization Name: Type in the exact legal name of your organization. Do not abbreviate the name of your organization.
- Organization Unit: Specify the exact department of your organization (optional).
- Country: Select your country from the list.
- State: The state or province where your organization is legally located. It should not be abbreviated.
- Hostname: The fully qualified domain name for your web server, e.g. www.my-best-domain.com. This must be an exact match.
- E-mail: Type in your personal e-mail address.
Note that none of the following characters can be used in the details: < > ~ ! @ # $ % ^ * / ( ) ?.,&
All fields are pre-filled with the details you provided for your hosting account. You must select an “Approver E-mail” at the bottom, which must be an e-mail account hosted here (one created in the E-Mail Manager on your web hosting control panel).
- Select the registration period – the longer, the cheaper per year.
- Make sure you read the User Agreement and select the checkbox next to “Accept User Agreement“, then select a payment method and finally click on the “Continue” button at the bottom to complete the order. You will be forwarded to a billing gateway page to submit the payment.
- Once your payment has been submitted, you will be able to see your newly ordered certificate in the “My Certificates” tab in Site Management > SSL on your web hosting control panel. As soon as the status is changed to “Active” you can apply the certificate to your domain.
Step 2: Install certificate
To install an SSL certificate to your domain go to My Domains > Hosted Domains and find your domain (or subdomain) in the list and click on the edit icon on the right. On the next page click on the “Secure Socket Layer (SSL) :” drop-down menu at the bottom and select the option to “Upload SSL certificate” – as soon as you select this option, 4 text fields appear uder the form:
- Private key
- SSL certificate
All four of the above have been generated when you purchased the certificate and you can get them from My Domains > SSL Certificates. It would be best to open the SSL section of the control panel in a separate tab and copy-paste each of the four.
When ready, press “Upload SSL certificate“.
If you have followed this tutorial strictly, now you should have SSL activated for your domain.