A valid SSL certificate can bring a lot of benefits to your website. For starters, you can gain the trust of your visitors (or customers) with a valid SSL certificate. Seeing a secured connection to and from your server will increase their confidence in completing transactions or filling out forms with personal information. SSL certificates can also boost your site’s SEO performance, especially since Google and other search engines are now prioritizing secured websites. Before you can enjoy these benefits, however, you need to set up your own SSL certificate or find a company who does it.
To get started, you need several things:
In the previous part, we talked about how you need a valid SSL certificate to implement SSL security. There are three main types of SSL certificate you can choose from:
These are the steps to take when you want to implement an SSL certificate on VPS hosting:
Don’t forget to configure your firewall to allow access from port 443 (HTTPS). You may also need to reconfigure Apache, Nginx or Varnish to work with HTTPS requests, both on a server level or for each individual domain name you use.
What You Need
To get started, you need several things:
- A domain name. An SSL certificate is attached to a single domain name and will only work for that domain, so you need to select the domain name you want to secure before you can move forward.
- With an active domain name in place, you also need proper DVR or Domain Validation Rights. You simply need to have access to one of the registered administrative email addresses for the particular domain name you want to secure. The SSL certificate issuing body will then verify ownership or right to secure said domain name.
- An SSL certificate. You can purchase an SSL certificate from any of the issuing bodies. Some SSL certificates are more expensive than the others, mainly because they are issued by a company or auditor with superb reputation and history. It is also possible to get an SSL certificate for free from entities such as Let’s Encrypt.
Types of SSL Certificate and Validation
In the previous part, we talked about how you need a valid SSL certificate to implement SSL security. There are three main types of SSL certificate you can choose from:
- Single Domain Certificate, which can be used for a single domain. You can use it to secure yourdomain.com, but additional subdomains (including www.yourdomain.com) are not included in the certificate.
- Wildcard or Multiple Subdomain Certificate, which – as the name suggests – can be used to secure everything under your domain name. Both yourdomain.com and *.yourdomain.com are covered by the SSL certificate. For example, you can set up store.yourdomain.com with proper SSL encryption.
- Multiple Domain, used to secure multiple domains, such as yourdomain.com, yourdomain.net and yourdomain.org. You can also apply SSL security to all subdomains related to the registered domain names.
Implementing the SSL Certificate
These are the steps to take when you want to implement an SSL certificate on VPS hosting:
- First, you need to generate your own CSR and Private Keys. CSR or Certificate Signing Request key and private key need to be submitted when you are purchasing the SSL certificate later. You can generate these keys using OpenSSL on your server and a simple command.
- The result of the previous step is a key file with .csr extension. This is the file that you need to submit to get a valid SSL certificate. Another file generated from the previous step is your private key (.key). You need to keep this file secure.
- Next, get a valid SSL certificate. The purchase method depends on which provider you use. However, you will be asked to submit the .csr file for your domain name to get a valid SSL certificate in return.
- At this point, you will be asked to complete a domain verification process. Simply check your administrative email address – the one registered when you register your domain name – and follow the steps.
- Download your SSL certificate. You are not ready to deploy SSL security on your VPS.
Don’t forget to configure your firewall to allow access from port 443 (HTTPS). You may also need to reconfigure Apache, Nginx or Varnish to work with HTTPS requests, both on a server level or for each individual domain name you use.