These days, many hosting providers (like Kinsta, Flywheel, or Canadian Web Hosting) provide security certificates at no charge, and there is little more to do than to click a button, but still there are many other providers that do not.
If you would like to apply a security certificate to your website, and they’re not included as with the above mentioned sites, here’s the general process required to install one.
- You’ll need to purchase a certificate from a site that sells them. Your own hosting provider might sell them, and if so it might be easiest to buy directly from them, but if not one that we use is NameCheap, or if you google you can find plenty of sites selling ssl certificates.
- Once purchased, log into your hosting account and create a CSR (certificate signing request). There’s usually a place in the control panel where this can be created, if not your hosting support can likely help.
- Once created, apply the csr to the certificate where you purchased it (it’s basically a copy/paste from one site to the other)
- The certificate site will then send out an approval request to the contacts on the domain record. This can sometimes be a bit tricky particularly if whomever registered the domain is no longer available, sometimes there are alternate ways to approve the request available as well.
- Once the request has been approved, the certificate is made available. At this point it is essentially copied and pasted into your hosting account through the control panel.
The certificates have a limited life span, 1 or 2 years usually, so they need to be renewed regularly. The renewal process is usually a bit easier.