So you’ve decided to get a secure certificate (SSL) for your website, for whatever reason, and you haven’t got a clue what to do next.
Well you have to jump through a few more hoops than normal to make it happen, check out my step by step process below and it’ll be smooth and painless.
I exclusively use and recommend Rapid SSL certificates for my web hosting members. And you won’t find a better service or more competitive prices in Australia for buying your SSL certificates than Trustico (aff)
So in order to make it easy for you to purchase and renew your certificates and keep your web host out of the loop as much as possible, follow this step by step guide.
Treat a renewal of your certificate as if you are buying a new one, it’s much safer that way. So with that in mind let’s go.
Step 1a. Contact your web hosting provider and ask them to create a Certificate Signing Request (don’t worry they will know what you’re talking about – and if they don’t I’d leave them and find another hosting provider pronto!) Provide your hosting provider this information
- Host to make cert for (eg websmartcentral.com)
- Country (2 letter Abbrivation) (eg AU)
- State (eg QLD)
- City (eg Tarragindi)
- Company Name (eg Web Smart Central Pty Ltd)
- Company Division (eg HQ)
- Email (eg aarond AT websmartcentral.com)
Word of caution here: some web hosting providers have an SSL icon in your control panel. DO NOT use that to generate your CSR. Why, because you don’t know what goes on behind the scenes and your web host may not be able to use what you’ve generated. Just give them your details and let them do this part.
Step 1b. Your hosting provider will enter that information into the web server where you account resides and it will generate the certificate signing request and you will be emailed the results. This garble of characters you can see in Image #1 contains your information you provided in Step 1a. The certificate company will use this information to generate a certificate that is yours and yours alone, that one else can replicate. It can only exist on the web server that it’s generated from. You must wait for this information before going onto Step 2.
Step 2. Head on over to Trustico (aff) to start the purchase (NB : their website may change between writing this article, but it will still guide you through the process). You need to choose your certificate type.
I recommend the Rapid SSL certificate, since it’s your base level model that will get you by in 90% of situations, you may require something bigger. Have a read around the Trustico website they explain a lot about the differences in certificates, and it’s outside the scope of this guide.
Step 3. Select if you are ordering a new product or renewing a product.
Step 4. Choose your plan length I recommend 12 months but you can choose a longer plan if you get insurance with it (which allows you to regenerate the certificate again should you move hosting providers) Choose your server type (in my hosting environment I use cPanel exclusively) Make sure you select insurance, it’s so cheap it’s worth getting it since it covers you as I’ve just mentioned should you change your host.
Step 5. Enter in all your details. Even if you are renewing treat it as a new purchase.
Step 6. Time to enter your CSR (Certificate Signing Request). Simply copy and paste the whole CSR section that was emailed to you. It will look like what’s in the image below, don’t forget to include the —-BEGIN and —–END text it’s important.
Step 7. Now you have to verify your details are correct.
Step 8. This step proves that you are who you say you are and that allows you to approve the certificate to be processed and generated for you. You MUST have a valid email address from any of the addresses that are listed in the image below. The automated system will look to the email that you in your domain name and offer that first, plus some others. If you don’t have any of these that are valid, then you MUST make one of the Generic Domain Emails valid, by setting up an email forwarder in your web hosting control panel (see the tutorial here for how to do that)
Step 9. Fill out your administrative contact details, which should be already filled in for you.
Step 10. Agree to the subscriber agreement
Step 11. Review your order is correct for billing
Step 12. Choose how you are going to pay
Step 13. Onve you’ve paid you will then receive an approval email which will need to be responded to.
Step 14. Then your certificate will be issued to you via email.
Step 15. Send that information in to your web hosting provider that created the orginal CSR in the first place, and they will install the certificate onto the server and assign it to your hosting account.
Step 16. Job done! You can test the certificate has been installed correctly by browsing to the https:// equivalent of your main domain (eg. https://websmartcentral.com/ ) You will then see a lock somewhere along the bottom of your browser window, which when you click on it then you be presented with your secure certificate.
That’s it, if you follow this step by step guide you will be successful in buying or renewing your SSL certificate.