Wondering how to install that SSL certificate on your WordPress site? I was asking the same question a few days ago. I wanted to secure just the checkout pages for one of my WordPress websites. It was a little more complicated than I was expecting. For this site, I am using Hostgator as my web host and Godaddy as my domain register.
The first thing I always do before buying anything from Godaddy is to look for coupons. In my opinion, the following website (scottsigler.com/godaddy) has the most reliable and updated discount codes. Using the promo code on his site, you can purchase an SSL certificate for $12.99. It’s for the first year only, but it still saves you quite a bit of money.
After I purchased my SSL certificate, I just assumed that I would download a file and send it to Hostgator. Wrong! The first hurdle you may face when downloading the certificate files is knowing what type of hosting package you’re on. The following screenshot shows all of the options.
I also assumed that since I use the cPanel to administer my site, that was the option I needed to select. I believe the Other and cPanel options provide you with the same download. If your not sure and you’re on a Windows PC, its best to select Other. Again, I just assumed that I would send Hostgator these files and they would do the rest.
Before I contacted my web host, I decided to see if there was a way for me to install the certificate using the cPanel for this site. I searched the Internet and ran across the following video entitled, install SSL certificate using cPanel. In the video, it shows an SSL/TLS Manager icon located under the Security section. In my cPanel I did not have that option.
I reached out to Hostgator chat support and they immediately directed me to their SSL Form. Looking at the form, I was confused as to what I should enter as my SSL CA Certificate and RSA Private Key number. There are no instructions on the site, nor a place to upload the zip file that Godaddy provided me.
On a hunch, I unzipped the file from Godaddy. It placed two icons that looked like certificates on my desktop. I right-clicked on the file gd_bundle and selected open with > Notepad. Inside the gb_bundle file contained the information that needed to be copied and pasted into the Hostgator SSL Form under the section labeled SSL Certificate. The second file which was labeled the same name as my website contained the information that needed to be pasted into the Trusted Authority/ CA Bundle section.
I was still left wondering what my RSA Key was. I did some more web searching and discovered the Hostgator Certificate Signing Request.
After entering in all of the necessary information, I was presented with my RSA key. I then went back to the SSL Form and submitted my request. The next day I received an email requesting the payment method for the dedicated IP address that must be added when enabling SSL.
I wanted to make sure the SSL certificate was installed correctly so I visited the SSL Server Test page provided by Qualys SSL Labs. As shown below, my site received an overall score of B.
I’m assuming that since I don’t have an Extended Validation (EV) SSL certificate that my score isn’t perfect. The EV certificate turns a web browsers address bar green to give the visitor an added since of security. Because PayPal will be processing all of the credit transactions on their secure site, I didn’t feel the need to purchase an EV certificate.
With the SSL certificate now installed on the server, the only thing left to do is enable SSL within WordPress. Instead of manually entering the SSL code, I picked the easy way out. I’m using a WordPress plugin called WordPress HTTPS (SSL). Once the plugin is installed, you’ll see two new options on every post and page as shown below.
For every page or post that you’d like to secure, you must check the Enable SSL box as shown above and the the Secure Post box as shown below.
Enabling SSL on your WordPress checkout pages may mean the difference between making the sale or not. I think twice before giving my personal contact information to a website that is not secure. Even though a 3rd party company, in my case PayPal is processing the credit card transaction. I’m still collecting some billing information before the customer is sent to the PayPal checkout page.
If you run into trouble installing your SSL certificate, leave your question below and I’ll help you the best I can. If this article helped you out, show us some love and like us on Facebook, Twitter or Google+.
What are your thoughts on this article?
Category: Web Design
About the Author (Author Profile)John Bousman is an MCSA, MCTS, MCP, Net+ and A+ Certified Technician. He is also an avid Web Developer, WordPress Jedi, SEO Connoisseur and owner of an IT Firm in the Midwest. During the day he helps tackles Server Administration and Desktop Support issues for small business. With over 15 years experience installing, configuring and troubleshooting retail and enterprise software, he's seen it all. Make sure you checkout his profile on Google+.