SSL certificates encrypt the login data before transmitting them to your ISP/server making it harder for eavesdroppers to break in. That’s exactly why banks, financial institutions, ecommerce sites etc. use SSL for securing login information, user identity information and credit card data.
SSL certificates cost a lot if bought from providers like Verisign, GoDaddy etc. For those us who don’t run mission critical portals, that is not an option. Let us see how to get free SSL certificates from StartSSL.
Obtaining The Free SSL Certificate
A simple signup form kickstarts the process of getting the free SSL certificate. All the details, including home/company address to phone number are mandatory requirements. Once the signup is done, an email with the verification code is sent to the email address you specified.
After entering the verification code, the application is sent to the second stage of verification by the StartSSL team and we are advised to wait for about six hours before being contacted by their team.
However, I got a confirmation mail in less than 5 minutes with a link to the account. Remember, this email is good for only 24 hours from the time it has been received, so act fast.
Installing The SSL Certificate
StartSSL offers free certificates with no holds barred and with absolutely no hidden charges. You can choose either a 128 bit or 256 bit key for encryption.
We have the option to choose between a high grade or medium grade private key. Once the type of key is selected, it is generated and we are taken to the installation page.
Once the install button is clicked, the certificate is installed. There is also an option to download and store the certificate to an external disk and I strongly advise you to do it.
Now that the certificate is installed in the browser, we can just click on the Authenticate option to enter the control panel. No need for an username and password. We are identified by way of the unique private key and hence it is very important to back it up securely.
Validating The Domain Name
After authentication, we can start the process of validating the domain name & the email address with the help of the Validations Wizard. From the dropdown, you can choose the appropriate option. Let us go ahead and validate a domain name.
Once we enter the domain name, an email address has to be associated with it to confirm domain ownership.
Once the email address is verified, the domain is validated. However, this being a free SSL certificate, StartSSL requires the renewal of this validation every 30 days, which involves the same process.
I chose the Webserver certificate since I am planning to use it for my WordPress installation. We need to enter a password to create a private key and then we have to enter the subdomain where the certificate will be used. Subdomain is a mandatory requirement.
The certificate created will support the domain and the sub domain. As the final step, we now have the text box displaying the encoded certificate information. Copy the content, paste it in a notepad file and rename the file as ssl.crt
The same page also has links to download the intermediate and root certificates. Download them to the same folder.
Uploading Files To Server
Navigate to the How to Install section in the FAQ section. Choose your server setup, for example Apache and you will have the code to modify the http.conf or ssl.conf file. Copy it and update the file in the root folder of the domain in your webserver.
From the same page download the ca.pem & sub.class1.server.ca.pem files. Upload all the files to the root folder and now we have the SSL enabled connection at the website.
Please exercise caution with the last step and ensure that all the directories (marked by arrows in the image above) follow the same naming convention of your ISP or location in your webserver. And do remember to validate the domain every 30 days to enjoy the security provided by the free SSL certificate.
Are there any other services offering free SSL certificates? If you know of any, do share them with us.