A stress-free guide to securing your site with SSL
Strong security is a priority for most website owners, and SSL certificates play a crucial role in achieving it. By installing an SSL certificate on your site, you’ll ensure that all data sent to and from it is encrypted. Your website users will also avoid the dreaded “site not secure” message web browsers display on sites without SSL. Because of this, having an SSL certificate on your site has become all but mandatory.
Everyone with a website is probably somewhat aware of the importance of SSLs — it’s been a frequent topic on this blog, after all! But that doesn’t change the fact that SSL certificates are kind of intimidating. The SSL installation process can often seem complicated to those who don’t know what they’re doing (and sometimes even for those who do!).
That’s why we want to demystify SSL activation and installation and explain it in the most basic terms.
This article won’t be focusing on the mechanics of how an SSL works or even which type to choose, but what comes after you’ve bought one. For instance, what exactly does SSL activation involve? How do you go about putting an SSL on your site? And what do you do if things go wrong? All of these burning questions will be answered if you keep on reading!
If you do need a primer on all things SSL and guidance on which type of SSL to choose, check out the following articles before reading this one:
Let’s get started.
1. Activating your SSL
After you purchase your SSL, you may notice that you don’t receive the actual certificate right away. That’s because although you bought your SSL from Namecheap (we’ll be presuming you got one from Namecheap for the purpose of this article), Namecheap doesn’t actually issue SSL certificates. That’s done by our partner Certificate Authority (CA) Sectigo (formerly Comodo). CAs are central to SSL certificate management and distribution across the web. They’re in charge of verifying the identities of anyone seeking an SSL certificate, as well as issuing and revoking them.
So, before you get your SSL certificate, you’ll need to activate it so that the CA can verify your identity. To do this, head to the SSL section of your Namecheap account and click the “Activate” button next to the SSL you want to activate.
Activation is pretty straightforward. First, you’ll need to generate two codes: a CSR code and a private key. Generating a CSR will vary based on your website server or hosting panel type. EasyWP users should use this handy CSR generator tool.
Follow the CSR instructions relevant to your server. Once you’re done, make sure you save your private key (which will be generated at the same time as your CSR code) and be sure not to share it with anybody. You’ll need this when you install your SSL certificate. If you lose it, you’ll have to activate your SSL again and go through this whole process once more.
The second crucial part of SSL activation is domain control validation.
2. Domain control validation
Domain control validation (DCV) is how you prove to the issuing CA that you actually own your website (or at least have access to make changes on it). During the activation process, you’ll be prompted to choose one of three DCV options:
- Receive an email
- Uploading a validation file
- Adding a CNAME record
Receive an email
The most straightforward way to complete DCV is the receiving an email option, so we’ll cover that first. With this option, you’ll be a sent an approval email from the CA, which will feature a link you must follow, as well as a code you’ll need to copy and paste into a box on the new page the link leads you to. After that, your validation will be complete.
When you choose this DCV option, you’ll be presented with a list of potential generic emails associated with your website, such as:
If you’re unsure if any of these emails exist, they probably don’t if you don’t remember creating them.
The email you used for registering your domain name should also appear in the list. Whenever anyone registers a domain, the domain registrar must add their contact information to the Whois database, a publicly available database of domain ownership. So it’s important to remember the email address you used to register your domain.
If you have WhoIs Protection (which is provided by Namecheap when you register a domain with us), your domain registration email won’t appear, but a privacy alias. This protected email address will contain a string of prefix characters before a domain that may look something like the following:
@your_whois_privacy.service.com or .firstname.lastname@example.org
For example: 00222eeef898g6245jbkhdshml42@your_whois_privacy.service
If you choose the wrong email during activation, you can always change it later by using the Sectigo Status Checker tool. If you need it, we offer more information on this DCV method.
Upload a validation file and Add a CNAME record
Both these DCV options are a little more technical. You’ll need to know your way around your website hosting server, or at least have access to someone who does. Uploading a validation file involves uploading a validation TXT file to the document root directory of your domain name, while adding a CNAME record will require you to make changes to the DNS settings of your domain. You may need to contact your hosting provider for help with these options.
If either of those sounds outside your wheelhouse, the best DCV option for you is most likely receiving an email.
This has been a very basic overview of the various DCV options. You’ll find more information about completing your chosen DCV method in your account once you’ve completed the SSL activation process. If you decide you want to switch to a different DCV method later, you can also use the Sectigo Status Checker to do this.
Once you have completed DCV, the CA will send the SSL to your email, and it will also appear in your Namecheap account. SSL issuance can vary from a few minutes to a few days, depending on your chosen validation level.
SSL Installation will vary depending on your server type, content management system, or web hosting control panel.
For WordPress users, installing a plugin like Really Simple SSL will make the process as easy as it can be. If you have EasyWP, it’s as simple as dragging and dropping the SSL files to the right place, while on CPanel, you’ll need to copy and paste the certificate code to the correct field.
You can find a list of the most common server types and how to install an SSL on each of them here.
After you complete SSL installation, it might take a few minutes for HTTPS to take effect, so don’t panic if it doesn’t seem to be working straight away.
4. Dealing with SSL errors
Sometimes it might seem like you’ve done everything right, and you end up encountering SSL errors all the same. The worst of it is when web browsers still proclaim your website to be “not secure”, even after you’ve installed the SSL. Fortunately, with a bit of fiddling, most SSL errors are easily solved. Here are some of the most common SSL errors and how you can fix them:
- SSL installation errors according to server type
- Fixing errors on Google Chrome
- Fixing insecure content on your site
- Addressing private key issues
- What to do when your SSL has expired
SSL certificates might seem complicated at first, but they don’t need to be. By taking the activation, DCV, and installation processes one step at a time, you’ll probably find that it’s a lot easier than you once thought.
The great thing about SSL certificates is that even if something goes wrong during activation or installation, it’s easily fixed. You can always get your SSL reissued by repeating the activation process while switching between DCV methods is easily done with the Sectigo Status Checker tool. Installation varies between servers and CMS platforms, but various tools are available to make it go smoothly. Lastly, although errors can happen, they’re nearly always solvable.
And, of course, if you need any help or guidance along the way, you can always send your questions and concerns to our customer support team. They’d be happy to help.
Hopefully, by reading about adding HTTPS to your site in basic, straightforward terms, you now feel more confident about securing your website with SSL sooner rather than later.