GoDaddy’s hosting plans are great for for mid level websites and we can’t fault their customer service but the price to include an SSL Certificate with your package is often a hard sell to clients who don’t know what this is, how it protects your website and how it can impact your SEO rankings.
Do I need an SSL Certificate?
An SSL Certificate is needed to be installed on a web server to allow secure sessions (HTTPS) with the browser. This is typically used to secure user data such as login information, credit card details and other input data.
Staring in October 2017 Google progressively made change to the Chrome browser to show various warnings when a website was being accessed via HTTPS without a valid SSL Certificate. Now when you visit a website without a valid certificate the warnings that the website is not secure are very prominent which will automatically turn your visitors and potential clients away. This, along with the impacts to your sites Search Engine Rankings are important reasons why you should have an SSL Certificate installed.
Installing the SSL Certificate
At the time of writing, GoDaddy’s Managed SSL Service is billed at $259.95 per year. If you can cost this in your website budget and are hosting with them then purchasing this will automate this for you. We however are going to generate a certificate from Let’s Encrypt and install this ourselves. This process will need to be repeated every 90 days (the length of expiry for the certificate) as it cannot be automated with GoDaddy, in favour of you purchasing their service. That being said, for 3 minutes of work you are saving yourself $65 per quarter.
Generate the Certificate
- Head over to Zero SSL (you’ll need to create an account now) and from your dashboard click New Certificate.
- Enter the domain name(s) you are looking to secure and click next step.
- Select 90 day certificate. If you upgrade to the Pro account you can select 1 year to minimise the effort required here.
- If this is a new certificate leave Auto-Generate CSR selected and continue, otherwise paste your existing CSR in the required fields.
– Verify Domain Ownership
There are 3 options to verify the ownership of your domain. Email Verification, Adding a CNAME to your DNS records and uploading a file (HTTP Upload). In this scenario we are going to use the HTTP Upload method.
- Click the link to download your Authentication File (this is a text file).
- Using either an FTP Client or cPanel’s File Manager navigate to your public_html folder.
- Assuming these directories don’t exist, create a new folder structure “/.well-known/pki-validation” (previously “/.well-known/acme-challenge”).
- Upload your Authentication File to this folder.
- You should now be able to browse to yourwebsite.com/.well-known/pki-validation/YourAuthFile.text from your browser.
- In the Zero SSL Dashboard click Next Step to finalise verification.
Once you have verified you own the domain Zero SSL will generate a zip file for you to download which will include your Certificate, Private Key and CA Bundle. Extract this zip file as you will need the files for the next step.
Installing the Certificate
- Login to your cPanel Admin and search for SSL/TLS
- Select “Manage SSL Sites”
- Select the Domain that you are installing the Certificate for.
- Paste both the Certificate File and the Private Key into the respective fields.
- If you have a CA Bundle you can paste it here as well however it’s not always required.
- Click Install Certificate and confirm it installs correctly by visiting the website you installed it for.
This method will need to be repeated every 90 days as it cannot be automated using GoDaddy’s hosting but it is a relatively straight forward process that will save you money. If this process seems a bit daunting get in touch with Solution 16 to discuss our website hosting plans which include SSL Certificates as standard or check out our YouTube tutorial for a step-by-step video on how to achieve this.