Have you noticed your website says it’s insecure so you’re freaking out?
Yes, Google is at it again with another change that’s going to cost us money! Well, maybe not. In this video, I’m going to walk you through how to install a free SSL certificate on your WordPress website.
If you’re reading this post, it’s most likely because you may have noticed at the top left corner of your website, it says “Not Secure” which means that people visiting your site might be a little nervous and may not want to buy from you or enter their personal identifiable information.
And that’s understandable. I’m sure that if you were online ready to make a purchase and the website was not secure that you would not want to leave your name, email or any other information, especially a credit card.
So how do we fix it. It’s a little tedious but I walk you through the exact steps you can take to do it for free. The example I’ve provide is using GoDaddy as the host. There are some links at the bottom of this post if you’re using another host.
Note that SSL certificates can also be provided by your host, in fact some hosts will include an SSL certificate for free while others will charge an annual fee, such as GoDaddy. If you’re able to spend $60-$70 per year, I recommend you go that route. If you manage multiple websites where that money is adding up then this is a free option. You need to install what’s called an SSL Certificate.
According to GoDaddy, an SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates the identity of a website and encrypts information sent to the server using SSL technology. Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key. Think of it as an electronic passport that establishes credentials when doing business on the web.
How do you know a website is credentialed and has an SSL certificate? Instead of http, the URL will begin with https…let me show you.
Ok, so let’s get started with how to get https for free:
*If you’re having any difficulty following the written directions below, please watch the video where you can watch what I do. There are parts of the video that have been pixelated but feel free to leave a comment if you’re still stuck.
Step 1: Go to https://www.sslforfree.com/ and enter the website that
you want to get a certificate for.
Step 2: The next screen will display three options: Automatic FTP (Enter FTP information to automatically verify the domain) Manual VIP
Verification (Upload verification files manually to your domain to verify ownership), and Manual Verification DNS (Use this if you cannot verify
through a web server or port 80 you will add text records to your DNS server). Select the 2nd option.
Step 3: Click on the button that reads Manually Verify Domain”
Step 4: Now it’s time to go to your host site and navigate to your cPanel. From your cPanel, go to the File Manager.
Step 5: Next, create a new folder in the root folder. Name the new folder “.well-known”. (without the quotation marks).
Step 6: Create a new folder in the .well-known folder you just created and call it “acme-challenge” (without the quotation marks).
Step 7: Go back to the SSL for Free website and download the two files and then upload them to the acme-challenge folder you created in your cPanel.
Step 8: Verify the content of each file you just uploaded to acme-challenge folder by opening it. If it’s a line of random numbers/characters, you’ve done it correctly.
Step 9: Now that you’ve verified the two files are correct, from the SSL for Free website, click on download SSL certificate.
Step 10: Create an account if you want so it will remind you of when your certificate is going to expire.
Step 11: You’ll see 3 boxes with what appears to be a bunch of random text (Certificate, Private Key, and CA Bundle). Nothing to do but go back to your cPanel.
Step 12: From the cPanel, scroll down until you see your security options and click on “SSL/TLS” and you’ll notice several different options. Under “Install and Manage SSL for your site (HTTPS)” click on “Manage SSL sites” then select your domain.
Step 13: Then you’ll copy and paste each section where the random text from the private key will be pasted into the box for the private key on your cPanel, and so on.
Step 14: Click on “Install Certificate”
Step 15: Go to your Internet browser and type in your web address. It may take a few minutes to take effect however it should have the “https.”
Now that your website is secure, your visitors will feel more comfortable when there!
There are a few things to know about this process.
When you go this route, the certificate is only good for three months. I suggest that you set yourself a reminder in Google or whatever calendar system you use so that you don’t forget. I also recommend that you create an account at the Free SSL certificate website.
You should also make sure to update other places such as Google Analytics, Google Search Console so that your analytics can track properly.