The free SSL prevents warning messages from appearing when visitors view your site and displays the lock pad for security reasons.
With a certificate SSL, your site can use the HTTPS protocol to securely transfer information from one point to another. This is vital when transferring sensitive information such as credit card data to purchase integration pages or login / registration forms.
It is also important to understand that SSL does not protect your site. This guide is only designed to show novice users how to develop a free certificate SSL by ZeroSSL / Let's Encrypt / SSLFORFREE for their websites.
Types of certificates SSL
- Domain Validated (DV) - DV certificates only need the certificate authority to verify that the user requesting the certificate owns and manages the page. Visitors will see a lock icon in the address bar, but will not have specific information about its owner.
- Organization Validated (OV) - The OV certificates confirm that the applicant company is registered and legal. When visitors click on the green lock icon in their browser, the business name is displayed.
- Extended Validation (EV) - EV certificates require even more documentation to validate the organization from the certification authority. Visitors will see the business name inside the address bar (except clicking on the lock icon). However, most updated browsers no longer display EVs.
Step 1 - Subscribe to ZeroSSL.com and add your page to the New Certificate area, as shown below:
Step 2 - In this step, you can select, 90-day certificate validity, or 1-year certificate validity.
Step 3 - Now before finalizing it, it will automatically generate contact information and csr for your certificate. If you want to change or edit any information, then clear this option.
Step 4 - Based on your choice for 90-day Certificate SSL, select "Free" ($ 0 / month) as an option.
In this FREE program, you can create up to 3 certificates SSL for your various pages valid for 90 days only.
Step 5 - In order for your certificate to be issued, all the domains included in your certificate must be verified. There are three methods that can be used to verify domains:
- email verification
- DNS verification
- file verification
You can use whichever method suits you best, but in this case, go with email verification.
You will receive a verification email at the selected verification email address ([Email protected]) for each of the domains of your certificate.
To issue your certificate, you must follow the steps that appear in the verification email, but it sometimes displays an error related to the DNS CAA registration.
CAA records are DNS records that link to pages that specify which certification authorities are allowed to issue certificates for your page.
If your page does not have CAA records, the system will have no problem issuing your certificate. If, however, your page has CAA records in the file, but none for sectigo.com as a certified authority, the system will not be able to issue your certificate.
To add CAA records to allow ZeroSSL to issue certificates for your domain, log in to your page or hosting service, go to the DNS management section, and add a set of CAA records as shown below:
Step 6 - You will now receive an email to verify your Domain.
Here is the sample email preview, where you have to click on the "Go To Verification Page" and paste the following key.
Step 7 - After completing the email verification process, you will see an option to install the certificate, as shown below.
By clicking on the "Install Certificate" button, you will see a success message "Your certificate has been issued and is ready for installation". Download the certificate zip file SSL and follow the steps below to install it on your page.
After verifying your page, check your email (the one you used in the second step) for a message stating that the certificate SSL has been published. Open it and follow the download certificate link (or click the Start button next to the certificate SSL in the hosting panel).
You can also use the Management tool SSL/ TLS in Control Panel to add certificates SSL on your own. Allows you to manage installed certificates, as well as create certificate signing requests and private keys. To access SSL/ TLS Manager, log in to your cPanel, Security tab, Administrator SSL/ TLS.
Στο SSL / TLS Manager, in the box labeled CRT, Private key and CABUNDLE, paste the contents of all the corresponding files.
The certificate SSL should now be installed and your domain configured to accept secure connections. You may need to restart Apache for it to work, and you may even see the expiration date of the certificate SSL (90 days).
Testing the certificate
Go to https://example.com. You should not receive certificate warnings in your browser.
As a final test, you can browse to https://www.ssllabs.com/ssltest/. Enter your page name and click "Submit". After some time, you will get a full report.
It is also a good idea to check with your browser as it will display a warning if the intermediate certificate is not installed. You should not receive warnings or errors in your browser.