Main section
Guide: how to get an SSL certificate in six steps
Whether you’re running a simple website, an online shop or a customer portal, SSL certificates are a must. After all, SSL encryption protects your site against hacking attacks, ensures customer data is secure and improves your Google ranking. How can you secure your website using SSL certificates? Check out our six-step guide.
To the online shopStep 1: Order certificates
First decide on a provider and determine what kind of certificate you need: Single Domain (protects a single domain), Wildcard (single domain with subdomains) or Multi-Domain (unlimited number of domains). You also have to decide on the validation level. Once you’ve found the right product in the online shop, specify the number of certificates and provide your address and payment details.
Step 2: Apply for the certificates to be issued: certificate signing request (CSR)
After the actual purchase process, you then have to apply for the certificates. SwissSign sends an email with a voucher code and link for this. On entering the code, you can complete what’s known as a CSR: certificate signing request. This is your application to have a certificate you purchased issued and signed. CSRs are generated on your device – which means the certificates’ private keys always stay with you.
Step 3: Your application is validated
During the application process, you’re required to submit various documents depending on the validation level (DV, OV or EV). Only the specified domain has to be validated for DV certificates. This is performed via email in just a few minutes. If you apply for an OV certificate, you’re also required to submit documents with organisational and official registry information, while further legal and operational verification must be performed for EV certificates. As manual validation is then required, OV and EV verification may take several days.
Step 4: The certificates are issued by the certificate authority (CA)
The documents submitted must be reviewed and validated. This is done by the body that issues the certificates, known as the certificate authority. SwissSign issues all certificates itself and is therefore a Swiss CA. Once the validation has been completed, the certificates are issued and can be downloaded. The public keys are then stored on a public server. For SSL certificates, the private keys are known exclusively to the customer.
Step 5: Install the certificates on the server
Once the certificates have been downloaded, they can be installed on the server hosting the protected domain. If this is not a dedicated server, it’s worth contacting the hosting provider and completing a usually simple and fast process to install an SSL certificate. Depending on the content management system (CMS), your website may already be protected by an SSL certificate by default.
Step 6: Update your links
When you first come to install an SSL certificate, your web address prefix will probably be HTTP. As soon as the HTTPS address is operational, you should set up a 301 redirect to it from the HTTP site to avoid duplicate content issues with Google. You should also add a new property in Google Search Console and any web analytics tools used. Don’t forget to check internal links and online ads that should use the HTTPS links from then on.