Install A Free SSL Certificate on your WordPress site

Home / Beginner SEO / Install A Free SSL Certificate on your WordPress site

If you are serious about search engine optimization, whether you own your own site, or are a marketing professional, you know that SSL is important to Google.

An SSL certificate gives you the little “Secure” icon in the browser address bar.  Not only does it reassure your site visitors that your site is secure, it also helps with your Google (and other search engine) rankings.

How do you know if your site has a certificate installed

The easiest way is to browse to your site and look in the address bar.  In the left you should see a little lock, or the word “secure” depending on your browser:

How Chrome displays sites that use SSL

How Edge displays sites that use SSL

How Firefox displays sites that use SSL

Do you need to purchase a certificate from your hosting provider?

The answer to this question depends on your level of involvement and your hosting provider.  For example, where my site is hosted, they use a program called “AutoSSL” which allows me to install a certificate for free.  It also manages the renewal of said certificate.

GoDaddy offers SSL certificates, but you have to pay for them.  Other hosts have similar arrangements.

So first, check with your host to see if you do have to pay for one, or if they offer a free one.   If they don’t offer a free SSL certificate, you can still install your own using this handy guide, but auto-renewal is not an option.  That’s why your level of involvement is important.

If you are comfortable renewing the certificate yourself following this guide, then opt for the free one.  But if you aren’t, then purchase one through your provider, or some other SSL provider.

How to set up your own free SSL certificate

I’ve been looking for an option like this for a while. I have client hosted on GoDaddy that don’t want to pay for a certificate that others offer for free.  But now, you don’t have to pay!  These are the steps to follow to get your own certificate, and then install it.

You will also need cPanel or FTP access to install the certificate and associated files.  You will need to be able to create directories within your website installation to complete the process

It’s actually pretty easy and totally free.  It only takes a few minutes.

Step 1 – Generate your free certificate

Go to https://zerossl.com/ (link opens in a new browser tab) and click on “Online Tools”:

Then Press “Start”

You will be redirected to this screen:

In the “Domains” box on the right, add your domain twice – once with and once without www.  Put a comma between them like:

purposedrivenpromotion.com, www.purposedrivenpromotion.com

Then check the 2 boxes below:

And hit “next”.  It will start generating what you need to install your own SSL certificate.  This may take a minute or 2 so be patient.

When the process completes you will get a message box in the lower right:

Then hit the download button (that’s the “down arrow” you see in the certificate window:

You will be prompted to save the “domain-csr.txt” file.  Then hit “next”

The system now generates your “account key”.  This may take a minute or 2 again,  and you will see another message box when that is complete.

When it’s done hit the download in the left-most window and download the “account-key.txt” file.  Then hit “next” again.

Here you will see the verification screen:

That has 2 more files to download.  These files are used to prove ownership of the domain.  Download those 2 files that appear to be a bunch of random characters.

DO NOT CLOSE THE ZEROSSL WINDOW YET!  Keep it open and either open another tab for your cpanel, or your FTP program, and connect to your site.

Step 2 – Verify Ownership of your site:

Now that you have generated the certificate, and have all the files you need, you can log into your site’s hosting.  In this tutorial I will use GoDaddy’s cPanel to install the certificate.

Open your file manager:

And browse to the “public_html” folder of your site.  If you host multiple sites on the same server you may need to select that site’s location first.

Once in the site’s home folder, create a new folder called “.well-known” (the dot in front of the folder name indicates that it will be a hidden folder)

And press the “Create New Folder” button.

Once that is done, click the new folder you’ve just created.  If you can’t see it, that isn’t a problem, simply click the “Settings” button at the upper right of the file manager window:

And check the “show hidden files” option, then save:

You should now be able to see the new folder you created (and perhaps some other hidden folders you never knew existed.

Click (or double click) the “.well-known” folder and create a new folder in here called “ acme-challenge”.

Once that folder is created, click into it and upload those last 2 files into it – the 2 that seem like random characters.

Now you should see your 2 newly uploaded files in the directory you just created.

Step 3:  Complete ownership verification:

Now go back to the browser tab holding the zerossl page and click on the FILE NAMES (the long string of characters) beside the download button.  This will open those 2 files you just uploaded.  If you have uploaded them correctly, you will see a page with a bunch more random characters.

Once you see those pages, it means you have installed them correctly.  Back on the  zerossl page, hit next and it will confirm if you have set everything up correctly so far:

Take note of your account number.  You may need it in the future to recover your key.

Scroll down a bit on this page and you will see 2 more things to download:

Hit the download buttons on these so that you have backups.  DON’T CLOSE THIS WINDOW YET BECAUSE YOU STILL NEED IT.

Step 4:  Install your new SSL certificate

It is now time to install your certificate.  Go back to your cPanel and look for the “Security” section:

And select the “SSL/TLS” item

Here. You want to select “Manage SSL sites” under “Install and Manage SSL for your site (HTTPS)”

Scroll down until you see “Install an SSL Website” and select the domain you just set up.  Again, if you host multiple sites within your hosting, make sure you pick the right domain.

Go back to zerossl and click the “copy” icon:

Beside the “Begin Certificate” and then head back to your cPanel and paste that into the “Certificate: (CRT) box.  You will get a warning that it’s invalid because there is a section of that you need to remove.

In fact what you have done is pasted the data for 2 of the boxes into a single box.  But that’s ok.  Simply scroll back up in the CRT window until you see”

—–END CERTIFICATE—–

 

—–BEGIN CERTIFICATE—–

And select all from the lower “—–BEGIN CERTIFICATE—–” to the end.  Copy it (Hit Ctrl and “C” on your keyboard), the delete that section.  You should now see that it’s correct by showing you an issuer, key size and expiration.

Now take what you’ve removed (it’s still stored in your computer memory), and scroll down to the “Certificate Authority Bundle: (CABUNDLE)” box and paste (Control + V)

Finally, grab the Private Key from zerossl – that’s the box below the one above that you just copied.  Hit the copy button again, then head over to your cPanel and paste it into the “Private Key (KEY)” box.

Now hit the “Install Certificate” button

And if it’s installed correctly you will get a popup window that says:

You should now be able to browse to your website using https instead of http to confirm that it’s set up correctly and working.

Step 5:  Set up your site to permanently use SSL

Now that you have SSL set up, there are 2 ways to ensure your site uses it.  The first, and most easy I’ve found is to install a plugin called “Really Simple SSL”.  It configures your site to use SSL and ensures all URLs are served using the secure certificate. This includes scripts, css files, images and more.

Alternatively, you can edit your .htaccess and add these lines:

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

That’s it!  You have just installed a working SSL certificate on your site.  The only thing to do is set yourself a reminder to renew your certificate.

Step 6:  Renewing your SSL Certificate

Renewing your certificate follows many of the same steps as creating the new one.  Go to https://zerossl.com/  and click on “Online Tools”:

Open the CSR backup you saved and copy the contents into the right window.

Open your domain key file, copy it and paste into the leftmost window.

Click the 2 boxes below the right window and hit next

Download the 2 files it generates.

Log into your cPanel again.  Use the file manager to browse to the .well-known/acme-challenge folder and upload the 2 new files.

When complete test them again by clicking the links on the zerossl page.  If they show the pages with the random characters, hit next.

Download the backup file again and then install the new certificate using step 4 above.

If, after reading all this, you don’t feel you are ready to tackle this yourself, why not contact us and let us help you?

 

 

Related Posts