Today’s topic: How to Get Free SSL Certificate for My Website. Google has been working carefully to make the web safer and has now begun to mark websites as “Non-Secure” that do not have an SSL certificate installed but still exchange user data. so, it has now happened a must to serve your website over HTTPS/SSL to secure your visitors’ data and also to show that your brand cares about security. Coming to Chrome Push Notifications, although not a need, SSL is recommended for your main domain.
There are a lot more benefits to adding an SSL certificate to your website with improving your search rankings. In this post let’s dive deep into SSL certificates, their types, and how thou can set up a free SSL (Cloudflare) on your website.
What is an SSL Certificate?
On most websites today, you will see that they start with “HTTPS://” in the URL with a green padlock saying secure, that’s due to the use of an SSL certificate. But that’s not just for indication, there is a lot going on behind the scene.
SSL (Secure Sockets Layer) helps set an encrypted link between your web server and the website visitor. This makes sure that all data passed in the two is private and no one in the middle has access to it. Even if someone handles to tap the connection, the data will be of no use to them, as it is encrypted end-to-end.
Coming back to the SSL certificate, it is a small file that mixes a cryptographic key with your organization and domain’s details. It is installed on the server to enable HTTPS protocol and based on the type of SSL certificate used, the Certificate Authority makes several checks on the organization’s information. The browser and Operating system sellers work with these Certificate Authorities to embed the Root Certificates (from which the SSL certificate is derived) within their software so that the certificate can be authenticated and a secure connection is founded between the web server and the end-user.
With an insecure HTTP connection, third parties can snoop at the traffic passing between a web server and the browser to collect private data including email addresses, passwords as well as usernames. That is the reason why Google, security experts are pushing for the use of SSL on websites so that you get peace of mind that even the most basic data is secure from being intercepted.
Do I Need an SSL certificate on your website?
While eCommerce websites, banking institutions have been using SSL for a very long time – small and medium enterprises, personal websites, blogs are starting to get behind the idea now. Apart from the main good of securing user information and prevention of data leak, one of the major Ranking factors has been the Google webmaster guideline. It states that SSL will be deliberated as a ranking factor in their search algorithm. This was published back in 2014 and since then many websites have begun transitioning to HTTPS.
So websites with an SSL certificate are tied to get a boost in SERPs. though it may not be a huge Google ranking factor, it is surely a positive signal. Moreover, recently Google Chrome, the single most widely used browser on both desktop and mobile also started showing HTTP pages that collect passwords or credit cards as “Non-Secure”.
This would certainly have an influence on your visitors who would think twice before entering any data on a website which the browser calls non-secure. You would definitely not want thy in your URL bar.
What are the various types of SSL Certificates, which one should you get?
Broadly, there are ternary types of SSL certificates:
- Extended Validation (EV) SSL Certificates
- Organization Validation (OV) SSL Certificates
- Domain Validation (DV) SSL Certificates
All three disagree on the security and validation they offer along with cost. Since this post is as regards a free SSL certificate, I don’t want to deviate to the premium offerings but here’s a gist of what the three offer.
Extended Validation SSL Certificate
These are issued to the economy are the Certificate Authority verifies the exclusive right of the organization to use the specified domain name along with the following:
- Physical, Operational life of the organization along with legal identification.
- Authorization with the company for issuance of the EV SSL Certificate.
Organization Validation SSL Certificate
because of an OV SSL Certificate, the CA (Certificate Authority) will assess the right of your organization to use the domain name. Some of the other checks alluded to for EV SSL certificates may also be carried out. Your website visitors will be able to view information about the organization.
Domain Validation SSL Certificate
This is the most primary form of an SSL certificate. Your right to use the domain name will count. Users/visitors will be able to view information about the encryption. Details about your organization are not shared.
How to secure your website with a free SSL certificate?
The easiest way to get a free SSL certificate for the website is to sign up for Cloudflare.
Step 1: Create an account on Cloudflare
Enter your Gmail and Password click on ‘Create Account’
Step 2: Configure your website/domain
Add your Domain complete website URL and click on Scan.
Cloudflare will now scan your website. Click on ‘Continue Setup’ once the scan completes.
Step 3: Configure your Website DNS Records
Once the scan is done, thou will see an orange cloud next to your main domain. That means the configuration is correct. Mail and FTP are bypassed by Cloudflare and should show grey clouds.
If thou see the primary domain with an orange cloud, then click on ‘Continue’.
Step 4: Select a CloudFlare Plan
like most websites, the Free Plan would be enough. Just select it and click here ‘Continue’.
Step 5: Update your NameServers
you need to point your NameServers to Cloudflare. To do this thou would have to log into your domain registrar account, find the setting to change the NameServer.
Delete the current entries, and add the DNS that CloudFlare provided.
Once thou have changed the NameServer, come back to CloudFlare and click on ‘Continue’. However, this may take up to 24 hours for the NameServers to propagate.
Step 6: Set up SSL for your website
While your NameServer is an entity set up, you can get to SSL configuration. Scroll down to Settings Summary and thou will see SSL: Full. Click on Full and you will be conducted to the ‘Crypto’ page.
after, the SSL option, there is a dropdown list. Select ‘Flexible’ from there. This SSL Certificate will be issued in an hour or so. Thou can check the status from the ‘Crypto’ page once it is issued.
Step 7: Redirect traffic to HTTPS
This is the final step of the configuration. We will be setting up a page Page rule to redirect all traffic of your website to HTTPS.
Of the website view, click on Page Rules from the top of the page. well, we need to add a couple of rules here.
You need to add www.yourwebsite.com/* and yourwebsite.com/* separately, and for each of these URL patterns select ‘Always Use HTTPS’. One thing to remark here is that this option will only be available once the SSL certificate is issued.
The configuration wish takes a few minutes to go through. Once done, thou can then open any page on your website, and it will open on HTTPS. ” How to Get Free SSL Certificate for My Website “