An SSL certificate is a standard technology that encrypts the data communication taking place between the browser and the server. It encrypts the transferred data from the web browser to the server.
Once the SSL is installed on your web server, it converts HTTP protocol to HTTPS, where the additional ‘S’ means Secured.
A website secured with an SSL certificate will show a lock symbol in green color or “Secure” word along with HTTPS protocol.
An SSL certificate saves your website from a middleman attack, which is a severe threat to website owners.
Most people skip the usage of SSL certificates on their website because of the high prices and renewal charges of an SSL certificate.
But what most people do not know if they can get a fully working free SSL certificate .
Yes, you read it right. You can get a fully working SSL certificate for your website at absolutely zero price.
It is made possible by Let’s Encrypt, who provides a fully working SSL certificate for free.
What is the use of an SSL certificate?
The primary purpose of an SSL certificate is to secure the data communication taking place between the browser and web server.
Even Google has confirmed an SSL certificate as a parameter to boost the ranking of a website.
If you perform an online transaction or have a login and registration system, an SSL certificate will help you secure the private information of your visitors by encrypting them.
Also, if your site is not secured with an SSL certificate, Google will flag your site as insecure and warn the visitors before visiting your site.
Here is a list of reasons why you should have an SSL certificate on your website, even if you don’t sell anything or do not have any login or registration system.
- To encrypt the data being exchanged from browser to server and server to browser
- To encrypt the data exchange between server to server
- To prevent your website from getting hacked
- SSL certificate helps to improve the authority of a website
- Google has made SSL certificate one of the search engine ranking parameters
- It helps to increase the trust level of your website among your visitors
Free vs. Premium SSL Certificate
If your website is an information-sharing blog or some business website, then you can opt-in for the free SSL by Let’s Encrypt. It provides all the essential security required to keep a website secured.
But if your website is an e-commerce site or site where the user fills in their private data, it must be secured with a paid SSL certificate.
A premium SSL certificate supports additional security. Various companies sell paid SSL certificates such as Comodo, Symantec, GeoTrust, etc.
4 Types of SSL Certificates
The SSL certificates are of three types based on their validation levels. All three types of SSL certificates are explained below:
i. Domain validated SSL certificate
The domain validated SSL certificates are relatively easy to obtain. It would help if you validated the ownership of your domain to get this SSL certificate.
You can get a domain validated SSL certificate free of cost. This SSL certificate is acceptable for simple information and blog sites, but it is not recommended for e-commerce websites.
ii. Organization validated SSL certificate
This is the next level SSL certificate, which is only given to organizations and companies. You need to have a registered company or organization if you want to buy an organization validated SSL certificate.
Also, the SSL certificate authority checks the organization details before providing you the certificate. An e-commerce website, at least, should have this type of SSL certificate.
iii. Extended validated SSL certificate
An Extended Validated SSL certificate is the most secure and best certificate. The browser displays the organization name before the URL while visiting the site secured with an Extended validated SSL certificate.
5. What is let’s Encrypt?
Let’s Encrypt is a certificate authority that provides a free SSL certificate to website owners. It was founded by an internet research group to secure the website.
Seeing the objective of the group, it was instantly backed up giant companies like Facebook, Chrome, Mozilla, Cisco, and Sucuri.
The primary goal of this project was to secure the web and provide an SSL certificate for free.
Let’s Encrypt automated installer known as Certbot helps you to add an SSL certificate on your website within a few minutes—this project aimed to provide an SSL certificate for free for all.
6. Let’s Encrypt On WordPress website
You can obtain a free SSL certificate for your WordPress website from Let’s Encrypt. It is recommended to secure your WordPress website with an SSL certificate.
Also, it is free, so you won’t have to pay any charge to have a Let’s Encrypt certificate on your website.
Along with the improved security, it also increases the trust level of your website among your visitors.
Even Google has made an SSL certificate as a ranking parameter for every website. Hence, you must have an SSL certificate on your WordPress website to make it secure.
7. What is the best way to Install an SSL certificate on a WordPress website?
There are various ways you can install an SSL certificate on your WordPress website. The best method to install an SSL certificate on your site is by selecting a web hosting provider with a free SSL certificate in their plan.
Almost all primary web hosting provider provides free SSL certificate with their hosting plan.
Bluehost is the most reliable web hosting provider which offers free SSL certificates with every hosting plan and every domain hosted under them.
If you already have purchased Bluehost web hosting, you can directly jump to the SSL Installation part.
If you have not purchased web hosting yet, follow the below steps to purchase a Bluehost web hosting for your website.
- Go to Bluehost.com
- Click on Get Started. You will see different web hosting plans there. Bluehost has four other shared hosting plans. Every shared plan is optimized for hosting a WordPress website.
- If you are looking to host just one website, you can go with the basic plan. If you need more, you can upgrade according to your need and requirement.
- Sign up, filling in your details, and complete the payment.
Once you have purchased the web hosting, connect your domain, and set up your website. Now, to activate an SSL certificate on your website, follow the given below steps:
i. Login to your Bluehost Account:
The first step you need to do is log in to your Bluehost account. Once you are logged in
- Go to My Sites
- Select the domain on which you want to install an SSL certificate
- Go to Manage Site
- Click on Security Tab
- Check ON to activate SSL certificate on your domain
Once you have turned the ON SSL certificate from the back-end, it will take somewhere between 15 minutes to 4 hours to activate on your website.
ii. Check your Mail Box
Once you have turned on the SSL security from Bluehost Cpanel, you will get an email to your registered email address to validate your WordPress free SSL.
The email will ask you to verify the ownership of your domain to go ahead with the installation and activation of an SSL certificate on your website.
Proceed with the steps mentioned in the email to activate an SSL certificate on your website.
iii. Bluehost SSL configuration with WordPress
By now, you must have installed an SSL certificate on your WordPress website. Your website must be showing a green padlock while switching to https.
To finalize the redirects to https, you need to change the URL of your WordPress website.
To change the of your WordPress website, please follow the given steps:
- Login to your WordPress admin panel
- Go Settings > General
Scroll down to WordPress Address (URL) and Site Address (URL) sections
It should look something like this:
Now, replace HTTP with HTTPs in the text fields of both sections.
Click the Save changes to complete the setup.
Updating the WordPress URL on the existing Websites
If you have already installed an SSL certificate on your WordPress website, but still the link is opening as HTTP.
Then, it may be because of the link shared using the HTTP protocol. It would help if you changed the HTTP to HTTPs like given above.
After completing the steps mentioned above, your website is now secured with an SSL certificate, and all your web pages will open with HTTPs protocol now.