If you own your own domain you can obtain an SSL certificate for your web site completely free from sslforfree.com. The certificate is valid for 60 days and will need to be renewed thereafter.
Below is a condensed, quick guide to the steps I took to enable and configure an SSL connection but first, why do we need to secure our web sites anyway and what is SSL?
In a nutshell SSL is an encrypted channel between the client and your web site providing improved security. Web sites with a valid SSL certificate have a URL beginning with ‘https’ rather than ‘http’. The Google Chrome browser will distinguish between the two by displaying a green padlock symbol in the address bar whenever the site is SSL enabled and a grey circle with an exclamation mark denoting unencrypted connections.
During 2018 Google have announced that they will display a red triangle warning for all insecure sites and this will obviously affect people’s judgement negatively when visiting your site. Certified sites are not going away that’s for sure.
SSLforFree – Installation Overview
Below is a brief overview of the steps I took to obtain and install the certificate files. I’m assuming that you have already prepared the necessary files in your web server for the switch to SSL? I’m running the Apache2 web server. A dummy ssl-configuration file was pre-installed. I edited this file with my virtual host settings. Apache configuration is beyond the scope of this tutorial but help is available in abundance on the web. You will probably need to open port 443 on your router if you are running your web server from home like myself. Again, Google is your friend.
In your browser head over to https://www.sslforfree.com/. Study all the instructions carefully, plan your installation, know every step before committing. After creating your account, enter your domain name in the box provided. You can enter sub domains as well, even wildcard domains like *.example.org example.org. See the section ‘Free Wildcard Certificates’ in the ‘Advanced Options’ section further down the page for the exact syntax.
Validating the site
Before sslforfree.com will allow you to download your certificate they will need to verify that you are the owner or the administrator of the site. There are several verification methods available. I chose the manual verification method which involves downloading a couple of files and placing them in folders within your web root. The names of the folders are of importance and sslforfree.com provide explicit and simple to follow instructions during the verification process.
Downloading the certificate
The certificate contains a few files, make a copy for safe keeping and make a new folder on your system for Apache to be able to locate and read them. Remember, private keys need to be adequately protected. I recommend the tips in this link:
Editing the Apache virtual host file
Next, edit the virtual host file so that the web server can locate the certificate files. I achieved this by opening the pre-installed, default SSL virtual host file (default-ssl.conf) and edited the path’s and filenames to point to my location. These 3 lines of code will need to be edited.
Change them to match your installation:
After updating the apache virtual host file we need to restart the apache server for the changes to take effect.
sudo systemctl restart apache2
Hopefully your site will now display the green padlock symbol in your browser.
Verifying your certificates
Finally, to verify all is in order use the free SSL Checker utility available at:
Here’s a screenshot of my results:
If you chose to verify via the ‘Manual Verification’ process you can now safely delete the files you downloaded on your server.
Other Mooselander links: