What is an SSL
SSL (Secure Sockets Layer) is a standard technology behind establishing an encrypted connection between a web server (host) and a web browser (client). This connection between the two makes sure that all the data passed between them remain private and intrinsic. SSL is an industry standard and is used to protect their online transactions with their customers. If you have ever visited a website using the https:// in the address bar you were creating a secure connection via SSL.
To be able to create an SSL connection a web server requires an SSL Certificate. When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys - a Private Key and a Public Key.
The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR) - a data file also containing your details. You should then submit the CSR. During the SSL Certificate application process, the Certification Authority will validate your details and issue an SSL Certificate containing your details and allowing you to use SSL. Your web server will match your issued SSL Certificate to your Private Key. Your web server will then be able to establish an encrypted link between the website and your customer's web browser.
The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session - the lock icon in the lower right-hand corner, clicking on the lock icon displays your SSL Certificate and the details about it. All SSL Certificates are issued to either companies or legally accountable individuals.
Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user letting them know that the site is not secured by SSL.
Who needs an SSL
- Is my site an e-commerce site that collects credit card information?
For most e-commerce sites, you absolutely need an SSL certificate! As an online merchant, it is your responsibility to make sure the information you collect from your customers is protected. This will shield you and your customers by making sure that no one can intercept and misuse their credit card information.
Your customers are providing you with very important and personal information that allows access to their hard earned money. If an identity thief gets access to your customer’s credit card information because you didn’t take the necessary precautions, it can be devastating to you and to your customer. Your customers need to know that you value their security and privacy and are serious about protecting their information. More and more customers are becoming savvy online shoppers and won’t buy from you if you don’t have an SSL certificate installed.
If you accept credit card information and store it in a database so you can process it using an offline POS machine or charge it manually on your merchant account’s website, then you definitely need an SSL certificate to secure the credit card data as it is transferred. You also need to be very careful with the data when it is stored on your servers.
- Do I use a 3rd party payment processor?
- Do I have a login form?
It is true that most login forms don’t currently use SSL. This means that most login forms are vulnerable. With the number of cheap SSL certificates available, it is becoming more and more worthwhile to secure login forms. If you want to forego the SSL certificate without having to worry about securing the login information, you can also use OpenID, Facebook Connect, or another technology that lets users log in on a another site and return to your site
- Do I need my own SSL certificate or can I use a shared SSL certificate?
Proceedure For SSL Installation
Beging by Generating a CSR using cPanel
Log in to your cPanel account.
Locate and click on SSL/TLS Manager in Security section.
Click on the Generate, view, upload, or delete your private keys link under Private Keys (KEY) menu.
Click on Generate.
The next page will show the newly generated Private Key in encoded and decoded format. The private key will be saved to the Private Keys storage in SSL/TLS Manager.
Click on the Return to SSL Manager button.
Generate Certificate Signing Request:
Click on Generate, view, or delete SSL certificate signing requests under Certificate Signing Requests (CSR) menu
Enter the following information for the CSR code that will be submitted to a Certificate Authority. Please use only alphanumeric characters when filling in the details.
Domains: Enter the fully qualified domain name on which the SSL will be activated (common name). The common name for all Wildcard certificates should be represented with an asterisk in front of the domain (*.example.com). To create your CSR code for multiple domains, enter each domain on a new line.
City: Provide the complete name of your city or locality. Do not use abbreviations.
State: Provide the complete name of your state or region.
Country: Select your country from the dropdown list.
Company Division: Provide the name of a division or department, within the organization, indicated above. For Domain Validation certificates you can enter ‘NA’.
E-mail: Enter your e-mail address. The e-mail used for CSR generation will not be used for domain control validation or for reception of the issued certificate.
Click on the Generate button
The next page will show the newly generated CSR code. You can now use the Encoded Certificate Signing Request to activate the certificate purchased with your SSL provider or any other Certificate provider.
Click on the Return to SSL Manager button.
After the certificate is issued, follow the net steps to install SSL certificate for your site.
Steps to Install Your SSL Certificate
Log in to your cPanel account
Locate and click on SSL/TLS Manager in the Security section
Copy the certificate code you received from the Certificate Authority including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- and paste it into the 'Certificate: (CRT)' field on the next page.
Complete the installation process.
Copy and paste the chain of intermediate certificates (CA Bundle) into the box under Certificate Authority Bundle (CABUNDLE)
Click on the 'Install Certificate' button
Why use an SSL
- SSL Encrypts Sensitive Information
- SSL Provides Authentication
- SSL Provides Trust
Web browsers give visual cues, such as a lock icon or a green bar, to make sure visitors know when their connection is secured. This means that they will trust your website more when they see these cues and will be more likely to buy from you. SSL providers will also give you a trust seal that instills more trust in your customers.
- SSL is required for PCI Compliance
How to install an SSL