Loading...
Changes Saved.
Error Occurred!

KnowledgeBase

SSL Certificate start to finish complete guide

At Saratoga Hosting starting in 2016 we now provide Free SSL certificates to our customers upon request, with no need for you to purchase a dedicated IP address, no need to purchase a paid certificate, no need for an individual cPanel account for each web site, and no need for manual installation. We provide AutoSSL DV (Domain Validated) SSL certificates that are issued to us by cPanel and Comodo. This means that you're still getting true SSL encryption, but you won't receive any insurance or business credentials the way that you would when you buy a paid certificate. In most cases, customers are perfectly fine with this since most just want the SSL encryption and have no need for any fancier features.

So if you'd be happy with our free SSL certificate offering and you don't have the need for a dedicated IP address set to your domain (most users these days do not) then just ask us to install your free SSL and that's it!

However - if for some reason you want to install a special kind of paid certificate and/or if you think you require a dedicated IP address, then you of course have that option to purchase those.

Either way, it's a good idea to read this article and learn more about SSL before you attempt to implement it.

If you plan to purchase and install an SSL certificate, then definitely read the rest of this article.

We offer users who prefer to use their own paid SSL the ability to purchase everything you need right here and provide you with all of the "do it yourself" instructions. You should read this article before you purchase an SSL certificate and before you attempt to start the process. In the article below you'll find our link to purchase SSL certificates at extremely low prices (starting in the $9 per year range) along with all the important things to take into consideration BEFORE you go any further.

We'll start off with some common Questions & Answers, and then provide all the instructions and links you need down below.

Q: Who needs an SSL certificate installed on their web site?

A: NOT all web sites. Non-commerce sites don't need it, and in fact not even all E-commerce sites need an SSL Certificate! If your checkout page takes your users to an external secure checkout page (for examples - PayPal, Stripe, Authorize, etc...) and you're not collecting / storing your customer's financial information in your site anywhere, then you don't need and SSL Certificate. The only time you really need SSL is IF you actually collect sensitive financial information from your customers and store it in your hosting account (for example - in your web site's database).  However, we understand that some website owners want SSL anyway and so this optional feature is available to all customers.

Q: Do I need a dedicated IP address for my account if I want to purchase and install my own SSL certificate?

A: Not anymore! Thanks to our modern servers and newer technology, the need for a dedicated IP address is a thing of the past. The ONLY time you'd need a dedicated IP address is if you're using a merchant bank that specifically requires you to. If you're doing e-commerce and sending your customers to an external secure checkout page (such as PayPal, Stripe, Authorize, etc...) then you probably do not need a dedicated IP address. But if you're handling all of your transaction processing right within your site and storing customer financial info such as credit cards, then your merchant account bank might require you to have a dedicated IP address (though this is becoming less common). When in doubt just ask us and your merchant account provider.

Q: Do I need a separate hosting account for each site that I want to use SSL on?

A: Not anymore! Again, thanks to our modern servers and newer technology, having a separate hosting account for each SSL site is no longer required. You can host all of your web sites under one hosting account and still have a different SSL certificate on each individual domain. (There are some considerations when making this decision though - Do you want one site to rely on another? Are you up for migrating an Addon site if you choose to close a Master site? Do you want a separate cPanel for each domain? If you're unsure about any of this please contact us for guidance). 

Q: What will you need before you can purchase and install an SSL Certificate on your site here?

A: You will need a domain name that is already pointed your hosting account here. You will also need a Credit Card or PayPal account to purchase the SSL Certificate with, and you will need to be able to work ONLINE, AT A COMPUTER.  (Purchasing & installing SSL from a mobile device would be extremely challenging for most users, and if you end up requiring Remote Support from us then you'll need to be at a computer with a high-speed Internet connection). 

Q: Can I do all of this by myself?

A: Yes. It all depends on how comfortable you feel with performing some intermediate-level work on your web site and hosting account. For some people the entire process takes 15 minutes. For others, it may seem challenging and could take longer. However, if you can follow instructions and you read this entire article carefully, then absolutely you can do it yourself.

Q: Can someone from Saratoga Hosting just do it all for me?

A: Yes, to an extent. The process of purchasing and installing the SSL Certificate still requires your direct involvement, but we do offer a couple options. In one option what we do is conduct a Remote Support session during which we connect to & share your computer screen remotely with you while our technician is on the phone with you at the same time, and we do everything right on your computer with you. The other option is that you just provide us some specific information and we send you an invoice, and when you pay the invoice we do the SSL Certificate installation for you. (We do NOT, however, get involved in coding your web site for SSL usage - that's something your webmaster or web designer would handle and typically should know how to do). In all cases you'll still be at least providing some important information in email and will need the ability to pay an invoice ONLINE via either PayPal or Credit Card or Debit Card.

Now that you have an idea of what to expect, here are the steps:

If you would prefer to have Saratoga Hosting handle this process for you / with you, simply contact us and request to do a Remote Support session. We'll conduct a scheduled phone call during which you'll run our Remote Support app on your computer. This will allow us to share your screen and you can watch us perform the entire process for you. The option to have us do the purchase process & installation process for you via Remote Support is free for most Saratoga Hosting customers as long as the call is not turned into a lengthy Q&A tutorial session and the technician is able to just proceed with the work. Customers who want to engage in a consulting session or have purchased their products elsewhere will be billed at our standard rate of $40 per hour.

1a. - FIRST you must have a hosting plan here, fully set up with the domain name active & pointing to your hosting here.

1b. - Be sure to uninstall the free SSL certificate and remove the free certificates / keys connected with it from the SSL/TLS  sections of your cPanel.

If you're already unsure - contact us before going any further.

2a. - Go to http://example.com/cpanel/  (replace example.com with your actual domain name) and log into your cPanel here at Saratoga Hosting

2b. - Click the "Forwarders" icon in cPanel and create a Forwarder "admin@example.com" (replace example.com with actual domain name) , and set it to Forward to a reliable email address. This is important because during the process of purchasing the SSL Certificate you will be asked to choose from a list of contacts to send the SSL Certificate files to, and "admin@example.com" will automatically be in the list of contacts that you can select from. We'll cover that more in a step below.

3. - Go back to the main cPanel page and click the "SSL/TLS" icon in cPanel

4. - Click "Generate, view, upload, or delete your private keys." link, leave Key Size set to 2048 bits, put something like "for example.com and www.example.com" (without the quotes) in the "Description" box and click the "Generate" button.

5. - Click "Return to SSL Manager" link at bottom of page after generating the Private Key.

6. - Click the "Generate, view, or delete SSL certificate signing requests." link and use the "Key*" drop-down to select the Private Key that you just created, then in the "Domains*" box enter the following in the box each on their on separate line:

example.com
www.example.com

(replace example.com with the actual domain name of course)

7. - Fill in the City, State (not abbreviated), Country, Company, Company Division, Email. 

NOTES - the Company and Company Division boxes can be the same, but must not contain any special characters other than periods and commas. DO NOT fill in the "Passphrase" box (unless you're purchasing a special certificate from a vendor that requires it) because most common vendors for most common certs don't require it and it can actually cause problems.

8. - In the "Description" box keep it simple and just put example.com (replace example.com with your actual domain name, all lower case) and click the "Generate" button.

NOTE - Now you see the CSR (Certificate Signing Request) displayed on the screen. Keep that tab open, because you're going to be copying & pasting the CSR "Encoded Certificate Signing Request" section into a special box at the SSL Vendor when you purchase the certificate.

9. - Open a new tab in your web browser and go to http://buyssl.saratogahosting.com (this will redirect you to our preferred SSL vendor where you can buy a certificate at a big discount, for as little as $8.45 per year). OR you can use whatever SSL vendor you wish, but if you use a different vendor - their instructions will likely be slightly different than these and you might need to get support from that vendor, whereas if you use Saratoga's preferred vendor link you can get direct support from Saratoga Hosting.

SIDE NOTE - If you already have an account at the SSL vendor you can log in, or if you don't already have an account there then you'll be creating a new one during this process.

10. - For the cheapest possible SSL Certificate (which is still totally valid and widely recognized) choose the COMODO PositiveSSL option and "Add To Cart". Choose however many years you wish.

Complete the payment process and you'll receive an order number. In a few minutes you will receive 3 emails from the SSL vendor, and one of those emails will have the subject "Certificate Configuration Required" and contains an important link that you MUST click in order to proceed.

11. - When you click the link in the "Certificate Configuration Required" email it will take you to a page at the SSL Vendor where you'll copy and paste the CSR (from step 8 above) into the "Server Information" section, select SHA2 , and fill in the "Technical Contact" and "Applicant Contact" sections. NOTE - at this point it is best to use the "admin@example.com" Forwarder you created in step 2b above, since this information will display on the SSL Certificate.

"Click to Continue"

12. - You're now at the "Domain Verification Options" page. Select "admin@example.com" from the list and "Click to Continue"

Now - if you're using our preferred vendor as linked in Step 9 above, in about 5 minutes or less you'll receive an email from Comodo Security Services that contains a Verification Code and a link to click to Submit the verification code.

13. - In the email from Comodo Security Services you must Copy the Verification Code, click the "brows Here" link in the email which will take you to the Comodo page to paste the verification code into a box and click "Next". That verifies you and will trigger Comodo to email you the SSL Certificate files in a .ZIP file.

It can take up to 10 minutes for the email from Comodo with your SSL Certificate files to arrive in your Inbox. (Also check your spam folder just in case).

14. - In the email from Comodo that has the subject "Your PositiveSSL Certificate for example.com" you will find a .ZIP file attached. Download the .ZIP file to a folder on your computer and Unzip it. You'll see that it produces 4 .crt files, each of which you're going to upload to the server in a moment.  NOTE - You can ignore their instructions for installing the certificates, because most vendors send instructions meant for server admins and not end users. Just continue to follow these instructions here and you'll be safe.

15. - Back in your cPanel - "Return to SSL Manager" and click the "Generate, view, upload, or delete SSL certificates." link.

16. - Ignore all the empty boxes and click the "Browse" button right under the "Choose a certificate file (*.crt)." section, and select the first .crt file from your computer, then click the "Upload Certificate" button. After the first .crt file successfully uploads, click the "Go Back" link. REPEAT this step for each of the remaining 3 .crt files on your computer from the .zip package.

NOTE - resist the urge to hit the "install" link in this section. We're about to do the install in a different section.

17. - "Return to SSL Manager" in cPanel and click the "Manage SSL sites." sites link. This is where we'll complete the SSL installation.

18. - Now that you're in the Manage SSL Hosts section, scroll down to the "Install and SSL Website" section and choose your "Domain" from the drop-down menu. In most cases it will look like "example.com (www.example.com)" in the drop-down list.

19. - Click the "Autofill By Domain" button right next to the domain you just selected, and if you did all the steps correctly above it will automatically fill in all the proper fields below it. (If it fills in the fields, proceed to the next step. If it does not fill in the fields, stop where you are and contact Saratoga Hosting support.)

20. - Scroll down and click the "Install Certificate" button. You'll see a popup message stating "You have successfully configured SSL". The popup message may also see a message that might make you think that it's not going to work with "www.example.com" , but if you used our preferred SSL vendor in the steps above - don't worry, it's going to work both with or without the www.

That's it! You now have SSL activated for your web site, and you can go visit https://example.com and https://www.example.com (replacing example.com with your domain of course) and see for yourself that it's working!

You will see the "padlock" icon next the the URL of the domain in your browser's address bar, indicating the site is SSL secured.

Now at this point, if you get a warning that "Some items on this page are not secure" or similar, that does NOT necessarily mean there's anything wrong with your SSL. Your SSL is fine. Typically what it means is that you're loading some items in your page in a NON-SSL manner.

For examples:

- If you have an external image or plugin loading within the page as http:// instead of https:// , then visitors will see a warning that some items on the page are not secure. (Defeating the purpose of installing SSL to begin with).

- If you're using any kind of Redirect or a PHP script (such as WordPress) that is forcing you to load pages from http:// instead of https:// , then visitors will receive a warning as well.

In both examples of warnings (in fact, in practically every situation where SSL is installed but your pages are generating that warning) it then comes down to properly coding your pages to not load http:// items, and in some cases going into your PHP script (such as WordPress) and configuring it to load https:// wherever you need it. This really comes down to a webmaster / web designer task, so refer to your webmaster to fix your site design code if you run into any page warnings.

If you would prefer to have Saratoga Hosting handle the SSL purchase & installation processes for you / with you, simply contact us and request to do a Remote Support session. We'll conduct a scheduled phone call during which you'll run our Remote Support app on your computer. This will allow us to share your screen and you can watch us perform the entire process for you. The option to have us do the purchase process & installation process for you via Remote Support is free for most Saratoga Hosting customers as long as the call is not turned into a lengthy Q&A tutorial session and the technician is able to just proceed with the work. Customers who want to engage in a consulting session or have purchased their products elsewhere will be billed at our standard rate of $40 per hour.




Related Articles