• Facebook Icon Link
  • Instagram Icon Link

How to Install a Free SSL Certificate.


install free ssl certificate

Tutorial Overview.

This tutorial is all about SSL technology. It will explain what SSL is, why it’s important to have SSL, and the different levels of validation. Then I will show you how to install a free SSL certificate using Let’s Encrypt and ZeroSSL.

Quickies.

What is an SSL Certificate?

SSL stands for Secure Sockets Layer. SSL is a security technology for creating an encrypted connection between a browser and a web server. This connection makes it so that all data passed between the browser and the server is private. If you have ever looked at the URL of the websites that you visit you will notice that some start with https: and some start with https: That ā€œsā€ on the end means that the website is secure and is using SSL.

Why is it Important to Have SSL?

The number one reason to have SSL is security. Without SSL, hackers are able to intercept data between the computer and server and do whatever they want with the data. Google is now flagging websites that don’t have SSL and marking them insecure. They are also including this in their ranking algorithm now so if you don’t have SSL it will hurt your SEO. Having an SSL certificate on your website creates trust with your users and shows them you care about their privacy.

Do I Need an SSL Certificate?

In this day and age, there really is no reason to not have SSL on your website and as I will show you below it can be absolutely free. eCommerce websites are required to be PCI (Payment Card Industry) compliant and one of the requirements of PCI compliance is to have SSL on their website. If you have a website in the healthcare industry and collect, store, or transmit patient data in any way you are required under HIPAA regulations to have SSL on your website. If you have people that login to your website you need SSL so their user information is secure. It doesn’t really matter if you are required to have SSL or not if you are serious about your website you need SSL.

Levels of SSL Validation.

The companies that issue SSL certificates are called Certificate Authorities (CA). When the CA issues an SSL certificate to a website, it needs to verify the website’s identity. There are three levels of validation.

Domain Validation. (DV)

Domain validation has the lowest level of validation. In this case, the CA simply verifies that the applicant has control of the domain in question. This is usually done by uploading a file to your server or changing a DNS entry. If you can display ownership of the domain you will be issued a DV SSL certificate. You will usually receive the SSL certificate the same day. These certificates are low priced or free, in this case, which I will show you below.

non-secure example

Marked as insecure by Google.

Organization Validation. (OV)

Organization Validation is one step above Domain Validation. You will still have to demonstrate ownership of the domain but there are few additional steps. If you want an OV SSL certificate, you will need to submit the documentation requested by the CA and they may call you to for further verification. This process can take up to a few days. These are moderately priced but can vary widely depending on the company.

Secure website example

The padlock shows that the site is secure.

Extended Validation. (EV)

Extended Validation is the most strict type of validation. The CA will perform an in-depth check to verify that you are a legal entity, that you operate at the physical location you claim to and other checks that they feel necessary. You may be required to do this on a yearly basis. These are the most expensive and are usually issued in 3 to 5 days but can take longer.

ev ssl certificate

The padlock with the company name next to it shows that this site has an EV SSL certificate.

What Type of SSL is Right for My Website?

If you run a small blog or personal static website a DV SSL is going to be just fine. If you have a mid-size company or a small eCommerce store, go with an OV SSL. If the website is for a large corporation or large eCommerce store then step up and get the EV SSL certificate.

How to Get a Free SSL With Let’s Encrypt & ZeroSSL.

ZeroSSL now requires an account to get a free SSL certificate.

  1. Create an account or login to your ZeroSSL account dashboard.
  2. Next to Create SSL Certificate, click New Certificate.

zero ssl dashboard

  1. Enter the domain name and click Next Step.

ssl certificate setup

  1. Select the 90-Day Certificate. (If you want the 1-Year Certificate they will charge you)
  2. Click Next Step.

ssl validity

  1. Under CSR & Contact, select Auto-Generate CSR.
  2. Click Next Step.

auto generate csr

  1. Select the plan you want to use and click Next Step. I am using the Free plan.
  2. Wait while it generates your SSL Certificate.

http verification

How to Verify Ownership of Your Domain via HTTP File Upload.

I don’t have an email address set up on this domain so I will show you how to verify with HTTP File Upload. If you want to use email just follow their instructions.

  1. Click Download Auth File.

HTTP Verification

  1. Upload the verification files to your server in this location: webroot/.well-known/pki-validation/.
  2. The next few sections explain how to upload these files. If you don’t need instruction through uploading the files, please skip to Complete the Verification Process.

About the cPanel Folder Structure.

The root directory in cPanel contains system folders that, with the exception of public_html, are not accessible on the web. The public_html directory is in the root and it is where your main cPanel domain name is pointed. You can also create subdirectories to host additional websites in the public_html directory.

a. webroot is how I will refer to the directory that your website is in.

b. .well-known is simply the name of a directory or folder in the webroot. If it is not already in the webroot you will need to create one.

c. pki-validation is also the name of a directory and you will probably need to create it. The pki-validation directory will need to be placed inside the .well-known directory.

How to See if You Have a .well-known Directory via cPanel.

  1. Login to cPanel.
  2. Click on File Manager.

cpanel file manager

  1. Double click on the icon to the left of the public_html directory.

public html folder

  1. If your website is not in this directory, navigate to the directory that contains your website.

Note: The .well-known directory is a hidden directory so just because you don’t see it doesn’t mean it’s not there.

  1. If you don’t see the .well-known directory, click on Settings in the upper right corner.

cpanel settings

  1. Select Show Hidden Files (dotfiles).

cpanel preferences

  1. If the .well-known file magically appears in the file manager, skip to Create an pki-validation Folder.
  2. If you still don’t see the .well-known directory, you will need to create one.

Create a .well-known Directory via cPanel.

  1. While in the webroot of your website click on +Folder in the upper left corner.

add folder

  1. Enter .well-known into the New Folder Name field and click Create New Folder.

well-known

How to See if You Have a .well-known Directory via FTP.

  1. Make an FTP connection to the website. Detailed instructions if needed: How to Make an FTP Connection with FileZilla.
  2. Navigate to the directory that contains your website.

Note: The .well-known directory is a hidden directory so just because you don’t see it doesn’t mean it’s not there.

  1. If you don’t see a .well-known folder, make sure your hidden files are visible.

well-known folder

  1. I’m using FileZilla. The setting for hidden files is under Server in the top bar. Select Force showing hidden files.

force showing hidden files

  1. If the .well-known file magically appears in the file manager, skip to Create a pki-validation Folder.
  2. If you still don’t see the .well-known directory, you will need to create one.

Create a .well-known Directory via FTP.

  1. Make an FTP connection to the website. Detailed instructions if needed: How to Make an FTP Connection with FileZilla.
  2. Navigate to the directory that contains your website.
  3. Left click in the webroot and click Create Directory.

create directory graphic

  1. Enter .well-known into the field and click Ok.

filezilla create directory

Create a pki-validation Folder Inside the .well-known Folder.

  1. If there is already a pki-validation folder in the .well-known directory, skip this section.
  2. Enter the .well-known directory.
  3. Use the same method you used above to create a new directory and name it pki-validation.

How to Upload the Verification Files.

  1. Enter the pki-validation directory.
  2. If you are using FileZilla you can just drag and drop these files into the pki-validation directory.
  3. If you are using the cPanel File Manager click Upload in the upper right corner and upload the files.

upload cpanel

Complete the Verification Process.

  1. Once you have uploaded the file, go back to the Verify Domain window on the ZeroSSL website.
  2. Click on the link after Make sure your file is available under the following link: to verify that the verification file is in the right place. You should get a new browser window open that displays the verification text string.

zerossl verification screen

  1. If your verification passes, click Next Step. If not you may have the verification files in the wrong folder.
  2. Click Verify Domain.
  3. Click Download Certificate (.zip)
  4. Extract the .zip file on your desktop or another location you will remember.

How to Install a Free SSL Certificate via cPanel.

  1. Login to your cPanel account.
  2. Locate the Security section and click on SSL/TLS.

cpanel security section

  1. Click on Manage SSL Sites.

manage ssl sites

  1. Under Manage Installed SSL Websites, find the domain name in question and click on Update Certificate.

manage ssl websites

  1. Copy the FIRST BLOCK of text from the domain.crt file and paste it into the Certificate:(CRT) field.
  2. Copy all of the contents of the domain-key file and paste it into the Private Key field.

csr private keys

  1. Click Install Certificate.
  2. You now have a secure website.

 

Additional Posts.

2 comments
  1. MS Glow Beauty Care - Menjual Produk Kosmetik
    MS Glow Beauty Care - Menjual Produk Kosmetik
    March 27, 2020 at 10:37 pm

    Just wish to say your article is as astounding.

    The clarity in your post is simply great and i could assume you’re an expert on this subject.
    Fine with you permission let me to grab your feed to keep updated with forthcoming post.
    Thanks a million and please continue the gratifying work.

    Reply
  2. Gerry Nowosadko
    Gerry Nowosadko
    April 1, 2020 at 4:24 pm

    I have long looked for How to Install a Free SSL Certificate (Let’s Encrypt) @ TwentySixForty article, it is the BEST content, full of ideas and very useful!!
    Thank you for this information, good luck!

    Reply
Leave a Reply

Your email address will not be published. Required fields are marked *

Pin It on Pinterest

Share This