If you’ve decided to switch from HTTP to HTTPS and get the rank boost Google offers to secure sites, you’ve already made a serious step towards the future of the internet. This detailed screenshot-rich guide will take you step-by-step through all you must do or be on the lookout for when installing SSL on your site.
This post focuses on the process from within cPanel. Even though differences are only limited to software-based differences, if you’re using Plesk or another server software, you’ll probably only benefit from reading the sections about SSL basics.
SSL Certificates: The Basics
There’re many different types of SSL certificates based on encryption and level of reassurance you need to provide your customers with.
Based on encryption you can purchase 128 or 256 bit encrypted SSL. Needless to say, the latter is twice as secure and the standard at the moment.
Based on validation type you can get DV, OV, and EV SSL certificates.
The lowest validation level is called Domain Validation (DV) and is used to certify that somebody with administrator rights has issued a Certificate Signing Request, has consequently confirmed it, and installed the certificate.
The next level of validation is Organization Validation (OV) and certifies the legal name of the business (organizational) entity that runs the website.
Extended Validation (EV) is the highest level of validation and triggers the green bar in browsers. It requires extensive check of the company behind a website and provides site visitors with information, such as address, contact number and person, and registered business name.
To learn more about the different SSL certificates, which one you should choose, and where you can buy it at the best price, check out the complete SSL guide.
Buy & Install SSL
To buy a SSL certificate you must meet the requirements for the chosen type of certificate.
DV SSL is the easiest and fastest to buy as it doesn’t require any documentation. It’s normally delivered in the matter of minutes. OV and EV SSL require usually documentation and take longer time to process and issue (2-3 days, on rare occasions up to a week for EV SSL)
To buy a SSL certificate you have to follow these steps:
- Sign into your cPanel on the server.
- Choose SSL/TLS from the Security section.
- You’ll be led to the main SSL management screen that looks as the screenshot below (you’ll have to return to this screen every time you have to deal with certificate uploads, installations, updates, etc.):
- Choose Private Keys to generate a private key. Choose the key strength (2048 bit is the recommended setting) and optionally write a description. Then click on Generate at the bottom.
- Return to the main SSL management screen and choose Certificate Signing Requests. From the drop-down menu choose a key to use or generate a new one, fill out the required information, and click on generate at the bottom.
- Go to the SSL certificate vendor you’ve chosen and go through the ordering process. When required to provide CSR (Certificate Signing Request), provide the one that you just created on your server. Important! The CSR should be issued on the server that hosts the domain you want to install the SSL certificate on.
- If ordering OV or EV SSL, you should be ready with digital copies of all necessary organizational documents.
- You usually receive your ready SSL certificate in a mail. There’s both a set of files (varying based on the type of certificate) and a copy-paste version of the certificate.
- Read the instructional file in the mail as it’ll help you install the files in correct order.
- Get back to the main SSL management screen and choose Certificates. Choose to upload or copy-paste your certificate.
- At the top of the page you can see all uploaded certificates. Click Install to install SSL on your site and/or your server.
Checklist After Installing SSL
Installing SSL is maybe the simplest step in the process in that it’s pretty standard and a one-click solution. After installation is complete, you have to make sure that your site is set to HTTPS, all your links are permanently redirected, and all your social, analytics, and other registrations are updated to reflect the change.
- Set your site to HTTPS. You do that by going into Settings ->> General in your WordPress Admin panel. In the fields WordPress Address (URL) and Site Address (URL) change HTTP to HTTPS.
- Redirect your HTTP pages to HTTPS using 301 permanent redirects. This is necessary not only because your internal links won’t work anymore, if you fail to do it, but also because a HTTP version of your pages still exists online. In order to make sure that all site visitors end up on secure pages and link juice is transferred to the new HTTPS pages, it’s necessary to implement 301 redirects.
- Register the HTTPS version of your site with Google Search Console and submit a sitemap. This is necessary as Google treats migration to HTTPS as a change of address but doesn’t support it in their tool for registration of address changes. Thus, you end up having two sites in the eyes of Google – your HTTP and HTTPS versions. This is also why you should not delete the HTTP version even after getting your HTTPS version indexed.
- Make sure to update the address in relation to any software you might be using.
- Update the URL on all your social profiles and in email signatures. If you have a lot of followers or regular site visitors, it’ll be a good idea to inform them about the change via mail or social media update.
SEO Impact of Installing SSL
Much is being said about the different ranking factors in Google and most of it is simply gossip. Moving to the secure HTTPS was rumored to give a tiny rank boost. However, in my experience this boost is more significant than rumored.
In the graph below (screenshot from Google Search Console) you can actually see that daily impressions have tripled for this site in a month, without anything else changing, and while struggling with horrible server performance.