Back in 2014, Google announced on the Official Google Webmaster Central Blog that HTTPS would be used as a ranking signal.
It is part of Google’s effort to help make the internet safer. They referred to this effort as “HTTPS Everywhere.” Google now uses HTTPS as a ranking signal which means websites that have an SSL certificate will likely rank higher in the SERPS (search engine results pages.)
That being said, I took advantage of the Black Friday sale that happened yesterday at NameCheap (my domain registrar of choice) and bought a few SSL certificates at 90% off for a whopping $0.88 cents a piece!
Below, I will show you how I installed the SSL certificate on this blog which is hosted by HostGator. The process was very simple and took about 10 – 15 minutes.
How to Purchase an SSL Certificate
The first thing you will need to do is buy an SSL certificate. SSL stands for “Secure Sockets Layer”. It is a web security protocol that helps to protect your visitor’s sensitive information against fraud and identity theft.
You will notice that e-commerce websites use SSL on their shopping carts. You can tell when a website is using SSL when you view the URL at the top of your browser window. The URL will begin with “https://” as opposed to “http://” (without the “s” at the end.)
Even though my hosting provider sells SSL certificates, I chose to buy mine through NameCheap because they offer a certificate that is suited to personal websites at a really good price. Right now, the PositiveSSL package they sell costs $9 per year.
When you’re on NameCheap you’ll want to click on “Security” on the top menu and then click on “SSL Certificates” in the drop-down menu. Choose the certificate package that best suits your needs.
Chances are if you run a personal blog similar to this one, the PositiveSSL package is the one you’ll pick. Once you go through the purchase process, you will want to activate your certificate.
Obtain Your CSR From Hostgator
A CSR stands for “Certificate Signing Request.” You will need to generate this from HostGator. It is a piece of text that you will have to copy and paste into NameCheap where you are activating your SSL certificate.
I went to the following URL below to generate my CSR for this domain:
Note: HostGator will also provide you with an RSA Private Key which you will also need to paste into your SSL activation with HostGator later below.
Once I got the CSR text, I copied and pasted it into the text box over on NameCheap where I was in the process of activating my SSL certificate.
After I submitted my CSR, NameCheap needed to verify my domain. I had three options to choose from to include by email, HTTP, or DNS. I chose HTTP which required downloading a file which they provide and uploading to the root directory of my domain.
Download Your SSL Certificate and Install on Hostgator
After verifying my domain, I checked my email and Comodo (the SSL certificate provider used by NameCheap) sent me two emails.
One email was to download and install the Comodo Secure trust logo. They have easy instructions on how to do that and it only took a few minutes.
The second email was the actual SSL certificate which was attached as a ZIP file. When I opened the ZIP file there were two files inside.
You will need to log into your HostGator customer portal. Click on the “Hosting” tab at the top of your admin area and then “SSL Certificates” below that. Scroll to the bottom and you will see the option to install a third-party SSL certificate like so:
HostGator charges $10 to install a third-party SSL certificate. When you click on the install button you will be presented with three text boxes:
- One for the SSL certificate text
- One for the RSA Private Key text
- One for the SSL ca bundle text
Remember, the RSA Private Key is provided when you generate your CSR through HostGator. The SSL certificate is provided by email in a ZIP file from Comodo (the SSL certificate provider used by NameCheap.)
After you copy and paste the text in each appropriate box and submit, you are done! The next step is to redirect your website to use HTTPS rather than HTTP when someone visits your website.
If you’re using WordPress, you can change this option under “Settings” -> “General” and change your URLs to use “https://”.
If you installed SSL on an already existing website, you may also need to update your .htaccess file to redirect visitors to your secure URL. I followed the example I found here.
Be sure to check out the SSL Certificate pricing over at NameCheap. They seemed to have really good pricing which is why I chose to buy my certificate there rather than through my web host.
I hope this explanation wasn’t too confusing and has helped you to install SSL on your domain using HostGator and NameCheap. Share your feedback in the comments below!