Have you noticed how this website's address begins with HTTPS? this is because this site is protected with an SSL certificate which enables secure communications between users and the site. This is something that really every website should implement as it stops third parties from being able to intercept the information being sent back and forth, for some sites this might not be particularly sensitive data but nonetheless a user's information should be kept to the parties that user decides to give it to an nobody else. Here's how to go about getting a certificate (the instructions given are for a Plesk hosted site):
Generating using the FREE LetsEncrypt SSL certificates on a PLESK hosted site:
This method takes a bit longer and requires that you amend your site's DNS settings which can sound scary but we're only adding a new DNS entry or amending one.
Generate the code on your website, Update your DNS and hit Go
- Go to your plesk hosting site, select the website you want to protect and go to SSL/TLS Certificates (you may see a message here stating that your domain is not secured)
- Hit the button that says Reissue Certificate
- Here you'll see adverts for a lot of paid solutions but if you don't mind refreshing every now and then you can get all this stuff for free.
- Scroll to the bottom and hit the button under Install a free basic certificate provided by Let's Encrypt
- Now you'll get the chance to select what you want to secure, basically you want all of these, secure the domain name and the wildcard domain name so that you can have all subdomains automatically protected. Now hit Get it free
- Now you should have been dumped back to your website's main config page with a notification giving you a long code, talking about DNS entries and presenting a continue button. DO NOT press the continue button yet!
- Go to your DNS settings for the site domain. In my case I use ~NameCheap to buy my domains and my plesk setup means that my DNS rules are set there instead of with my site hosting. I'll explain the steps below as though you're using namecheap but you should see similar options wherever you are.
- Select the domain you want to amend the DNS for and hit Manage
- Go to the Advanced DNS tab on the right
- Add or amend an entry of the following type (if you're updating from an old certificate you'll already have one of these and can just amend the value)
- Type: TXT Record
- Host: _acme-challenge
- This will ultimately need to resolve _acme-challenge.YourSite.com, for NameCheap the site domain is automatically implied so the entry is as above.
- Value: yiyd2g9h8vLIY-VvGSPYkajdnf3L449m-L5f1s8bf6A (the value from you)
- Once you've added/amended to the above DNS entry you should test it with something like https://www.whatsmydns.net/
- Enter in the address for the DNS you've just made; _acme-challenge.YourSite.com, or for this site it would be _acme-challenge.joi.wiki
- Set the type to TXT as above and hit go. Once you're seeing green and that the value you're getting back is the same as the new value you entered you're good to go
- Go back to the hosting page notification and finally you can hit Continue on the SSL notification.
- You're now done, look at all the new ways your site has been secured!
Legacy Method for third party certificates:
Generate a code on your website
- Go to your web hosting site
- On your main page you should see "Secure your Site", click on it to go to the Certificates page
- Add a new certificate
- give it a name
- once you've entered in the requested details click "Request". This will generate a CSR code which you'll need to get your certificate
Go and buy a certificate somewhere
- Literally, google for it and find yourself a cheap SSL certificate provider, I use NameCheap because, well, they're cheap
- Once you've bought your certificate you'll need to activate it, go to the link provided and enter in your CSR code generated by your webhost provider
- chose a verification method, personally I went with email
- actually, I went with email and then realised that you couldn't change the email so I had to go back to my hosting site and create an admin email account that matched the admin email address I'd selected and set it to redirect to my hotmail - it's entirely possible that you won't need this step however.
- Once you've activated your certificate you should be sent an email with some files attached
Upload the files to your website
- Go back to your hosting site and navigate to the certificate that you created at the start of the process
- you should have the option to upload some files to complete the certificate, do this and you've successfully created your first signed SSL certificate
Once you've done all of this the last thing for you to do will be to go to the hosting settings of the site that you'd like to protect, go to protection and select the certificate that you've just made, once you save your changes and the server propagates them your site url will show with a shiny padlock next to the satisfying HTTPS:// prefix
if your site isn't doing that then you might need to look at the details of your actual site, check out the settings of your installed CMS (Wordpress, TikiWiki for example.. not that this happened).
;){kind=link}
;){kind=link}
;){kind=link}
;){kind=link}