SSL certificate is very important for your WordPress website if you want to accept online payments and secure your website.
Google Chrome recognizes all the websites that do not use SSL as insecure and that can affect the online reputation of your website.
Through this article, you will learn about how to get a free SSL certificate for your WordPress website.
- 1 About SSL
- 2 When do you need an SSL Certificate for your WordPress website?
- 3 How does SSL work?
- 4 Things to consider before getting an SSL certificate
- 5 Set Up WordPress after Enabling the Free SSL Certificate
SSL or Secure Sockets Layer is an internet protocol that secures the data transfers which takes place between a user’s browser and the website that they are visiting.
When the internet users visit the website they transfer information which can be sensitive like credit card information, login credentials or payment details.
When the website uses a normal HTTP protocol, it holds the risks of getting hacked by hackers and that is why SSL is important for a website.
When a website uses SSL they need an SSL certificate that has to be issued by a recognized certificate issuing authority.
This SSL certificate is verified and can be found in the browser address bar of the user, with a padlock sign and HTTPS in place of HTTP.
When do you need an SSL Certificate for your WordPress website?
SSL/HTTPS is recognized and recommended for all the websites that are found on the internet.
But it is more important for every website that collects important user information like credit card information, payment details or login information and more.
It is also important to get an SSL certificate immediately if you are running an online store or any website that requires users to log in.
There are several online payment services that would need your website to first get an SSL or HTTPs certificate prior to receiving the payments.
SSL not only provides security to your website but also helps in creating a very positive and reliable impression on your users.
Google recognizes the websites using SSL as reliable which helps those websites to get an advantage on the websites that do not use SSL, and hence they affect the Google search results.
In case your website does not have an SSL certificate, the browsers will mention the fact to the users that login to your website might not be secure.
How does SSL work?
The information that is transferred from the user’s browser to the website is encrypted and protected by SSL.
Whenever a user opens a website with SSL, the browser tries to verify whether the certificate is valid or not.
Once the validation is complete, the browser generates a client side key that will be used to encrypt data before transferring them over the internet.
Once the data is sent, the server side will decrypt the data using the SSL key which is of course a unique one.
How much is the cost of SSL certificates?
The cost of the SSL Certificates can vary from one certificate authority to another and it could be priced from $50-$200, per year.
Many providers can even offer add-ons with the certificates which could affect the cost of the SSL Certificate.
To purchase an SSL Certificate make sure to rely on well-reputed certificate authorities, who will provide you reliable SSL Certificates and also install it for you.
How to get an SSL certificate free of cost?
The fact that SSL certificates come with additional cost, makes the website owners reluctant to use SSL. This exposes the websites to information theft and vulnerable to data.
There are several non-profit projects that provide a free certificate authority to fix the issue of the website owners in this regard.
These projects are usually supported by major companies like Google, Facebook, WordPress.com and more.
If you have enough knowledge on coding, server know-how and SSH access for using command line tools, then you can easily install the SSL certificate for your website, by yourself.
Otherwise, there are service providers who would install the SSL certificate for you. Some of the most reliable free SSL certificate providers are:
- Let’s Encrypt: The certificate is free and valid for 90 days with a recommended renewal at 60 days from installation.
- FreeSSL: It provides free certificates to nonprofits and start-ups right now and it cannot be a Thawte, GeoTrust, rapidSSL or Symantec customer.
- Cloudflare: Provides free SSL certificates to personal websites and blogs.
- GoDaddy: Provides free SSL certificates to open source projects that have a validity of 1 year.
- StartSSL: Their certificates are valid for 1 year to 3 years.
Recently, there are several WordPress hosting companies that are offering free SSL certificates along with their hosting plans.
When you choose one of these companies for getting a free SSL certificate for your website, you save yourself from the hassle of installing an SSL certificate all by yourself.
The best WordPress hosting companies are:
- Liquid Web.
- InMotion Hosting.
If you are already using any of these companies then you can easily get access to their free SSL certificate from your hosting dashboard and ask your hosting provider to install it for you.
Things to consider before getting an SSL certificate
The certificate that is recommended by Google is an SSL certificate with a 2048-bit key.
You need to upgrade it if you already have a lower like 1024-bit certificate.
Before getting an SSL certificate for your website, you must decide if you need a single, multi-domain or wildcard certificate:
- The single certificate has a single domain.
- The multi-domain certificate would be suitable for multiple well-known domains.
- The wildcard certificate would work for a secure domain that has many dynamic sub-domains.
Set Up WordPress after Enabling the Free SSL Certificate
When you have finally enabled your free SSL certificate, the next thing is to set up the WordPress in order to use HTTPS in place of HTTP in all your URLs.
The simplest way to do this is by installing and activating the SSL plugin on the website.
When activated, the plugin will verify if the SSL certificate has been enabled successfully and it will turn the HTTP to HTTPS and change your website settings, making it secured and better.