SSL is short for secure sockets layer, which is an encryption standard that is used to encrypt data going between the browser in the server.
In other words, an SSL protects data submitted on your site via visitors and customers.
You set up SSL by adding an SSL certificate to your domain and that switches your website to HTTPs instead of just HTTP.
An easy way to remember is
HTTP + SSL = HTTPS.
But what is exactly happening during this process? The process sounds complicated but it’s really simple. When data is sent over HTTPS, it is all HTTP data being inserted into SSL packets that are then sent, received, and then combined together to prevent third parties from seeing the data while it’s being transmitted.
You might be asking why do I have to go through the trouble of setting up an SSL?
I’m sure your website’s been working fine all this time so far so you’re probably wondering like why do I have to set up an SSL. Firstly if you want your website to rank well on Google search. A few years ago they officially announced that having an SSL certificate gives you a boost in Google rankings.
Another reason is if a visitor visits your website and you do not have SSL enabled they will get a notification that the site is not secure, which probably doesn’t help them to feel safe and eventually purchase something from the site.
Types of SSLs
There are three different SSL certificate types you can get all with their unique advantages and disadvantages.
The first type is called DV or a domain validation certificate. The second type of called an organization validation certificate or OV and the third is continence tended validation certificate or EV.
These certificate types vary in their requirements for issuing such as price, business size, and other criteria for the purchaser. But in this article or only going to be looking at DV as that is domain validation and that’s what most small organizations are going to be looking for.
Sometimes the process of switching to HTTPS has a lot of issues that can cost a lot that’s why we’re going to be showing you Let’s Encrypt that will help you set up SSL for free. The company Let’s Encrypt it’s actually a non-profit CA or what’s referred to as a Certificate Authority.
Let’s Encrypt is free for everybody and they are a trusted Certificate Authority that is run by the Internet Security Research Group.
Some of the companies that keep Let’s Encrypt running you may recognize include Mozilla, Electronic Frontier Foundation, Cisco and many others. As it stands Let’s Encrypt has almost 2 million active security certificates making it one of the largest Certificate Authorities on the planet.
Why Is Let’s Encrypt So Popular?
There are many reasons why Let’s Encrypt is popular.
First, it’s free! All you have to do is own a domain name and you’re good to go and no monthly or yearly fee for the SSL.
Secondly, of course, having an SSL means that you’re going to be way more secure and your website is going to be way more secure.
Thirdly, Let’s Encrypt interacts with web servers and ensures that the whole SSL process is automatic and hands off. Lastly, if you went to a website recently and it doesn’t have an SSL certificate you may have noticed the “not secure” notification in your browser.
How To Install A Free SSL Certificate With Let’s Encrypt
The easiest way to install Let’s Encrypt is to you use your WHM or web hosting manager to add the Let’s Encrypt plug-in. Usually installing an SSL can be a complicated process especially if you’re not used to doing it or are not used to having shell access to your web server.
Let’s encrypt uses what’s referred to as the ACME protocol which stands for automated certificate management environment.
To use Let’s Encrypt your website must pass the act one of the ACME challenges which can be uploading a text file to your web server a changing a DNS record, but the actual process of installation is most often handled by Tool called Certbot.
The Certbot tool works with most hosting providers using software like Apache, but you have to consult your exact hosting provider to see the installation process.
If you do have root level access to your server and you want to install Certbot you can do so by following the directions here.
What to do if you do not have admin level access to your server?
The easiest way to handle this is to actually contact your hosting vendor to see if they support Let’s Encrypt.
If your hosting provider does support Let’s Encrypt they can actually request the SSL certificate on your behalf and make sure that it stays updated they can set it up for you so you can skip all that. If you’re looking for a list of hosts that are compatible with Let’s Encrypt then there is a list on their website here.
If you do by chance have a hosting provider that does not support Let’s Encrypt, there’s no need to worry because there is still a way you can get it installed on your site.
One of the easiest ways to do this will be to install Certbot on your own computer, and then you can use what is referred to as manual mode to upload a specific file to your website.
This file will allow Let’s Encrypt to verify the website and actually provide the SSL encryption for the website the good thing about going through your actual hosting provider is if there is ever an issue they will update it now.
Common SSL Problems
The most common issue you’ll see with installing an SSL certificate on your site is that it might increase the load time of your site slightly.
This is happening because there is an extra step involved in the process of the server communicating with the Certificate Authority in what’s referred to as a handshake.
Today’s consumers need the websites that they browse, interact with, and shop from be 100% percent secure.
That’s why if you haven’t set up SSL for your site yet, now is the time, and setting up an SSL with Let’s Encrypt will be one of the most effective and cost efficient options you can go with.
*** This is a Security Bloggers Network syndicated blog from Web Security Blog – Acunetix authored by Samuel Bocetta. Read the original post at: http://feedproxy.google.com/~r/acunetixwebapplicationsecurityblog/~3/YhoeL315yb8/