Ever try to install your own SSL certificate, just to find that it doesn’t work as expected? I’ll take a typical web hosting account, and walk you through the process.
SSL Certificate Process at HostGator
For clarity, CodeCrunch is not on a shared server. We host with SliceHost. However, my wifes site is hosted with HostGator, and today she wanted me to renew her SSL Certificate that I bought through RapidSSL some time ago. On a dedicated server, this is a breeze. You have root access, can go anywhere – do anything. For obvious reasons, that’s not needed for someone that just wants to reap the ‘bennies’ of ecommerce… a.k.a my wife.
I figured this would be a simple task, and it usually is. Problems arise however, when the process is not completely transparent or instructions are not all available in one place, in plain english. Here’s how simple it really is :
Get your CSR from HostGator
- Your CSR is your Certificate Signing Request. This is generated by your server and is unique. This is how an SSL certificate is ultimately traced back to the server level. When hosting with HostGator, you have to have them generate a CSR for you here. You will then receive an email (typically within an hour or less), containing a block of “code”. This is your CSR. Copy it from beginning to end, ensuring you have no whitespace included.
Choose an SSL Provider
- You can choose any provider you want. (Geotrust, Thawte, etc…) However, I find the simplest for lite commerce levels is RapidSSL. They have a an easy to follow, streamlined, automated web/phone ordering system that works flawlessly. During their process, they have you paste the CSR you got from HostGator into a form, then submit it.
You now have your Certificate
- Check your email and look for one from the certificate provider. You should see on screen, or in your email, your actual certificate. It should look something like this :
Back to HostGator with your Certificate
- Now that your SSL certificate has been issued to you, head on back over to HostGator and have them install it on your server. All you need to do is fill out the install SSL form. Once they receive your certificate, they will install it for you. Once you get an email stating your certificate has been installed – test it to be sure. (yes – even technicians are prone to mistakes) All you need to do is access your site via SSL. https://mysitenamehere.com (with or without the www. top level domain – depending on how you requested the certificate) If all is well, you should get no warnings. If you do – something is not set correctly.
One of the most common mistakes is whitespace or extra spacing in your certificate. In most cases, this will cause httpd (your webserver) to stop running. To avoid this, just be sure to copy only directly before and after your certificate data and no further.