How to get a free SSL Certificate
Secured Socket Layer
Before we get started, SSL simply means Secure Socket Layer. In human language, it means that the connection between the webserver and the browser is encrypted. And what does encrypted means? It is simply a process of converting data or information into a code, thus, making your connection private.
Notice an ‘s’ in the ‘http’ when you visited a secure site? It should look like the one below:
This is also the same with other sites with SSL installed.
For your connection to be secure, you need an SSL Certificate installed in your server. This blog will tell you how to get that digital certificate for free.
Why do we need it?
In 2014, Google has announced in their HTTPS as a ranking signal blog that sites who use SSL Certificate get a ranking boost, though might not be a really big one, but it’s still a boost. However, beginning in January 2017, they have taken it further. Google has announced in their Moving towards a more secure web that HTTP sites that collects passwords, or credit cards as non secure, as part of their long-term plan to mark all HTTP sites as non secure.
They’re basically one of the many providers of SSL Certificates. For more information about the company, just check their Wikipedia page.
The site URL is https://ssl.comodo.com/free-ssl-certificate.php which gives us a free certificate valid for 90 days! To get started there, simply click on the “Free Trial SSL”:
The next page will ask for the CSR:
The next page will ask you to key in the Certificate Signing Request (CSR). This can be obtained through your hosting, and since not all providers are the same, you may need to contact them to help you attain one. It will look like the image below. It’s a combination of anything, what you need to do is to copy it and paste it in the provided filed on the Comodo SSL site.
Simply copy the code and paste it in the field. Next is the dropdown option asking you the server software used to generate the CSR. Just ask your hosting provider in case you don’t know this.
The next step is to prove your ownership of the domain.
To confirm your ownership of the domain, they have listed options on how to do that. I chose the first one as this is the easiest and requires less work. The email address is protected by whois Guard that’s why it’s like that. But the message will be forwarded to the admin email of the domain.
Simply fill-out a form to complete step 3 and click next.
Then put a check on the I accept in their SSL Certificate Subscriber Agreement.
This is free and they won’t require a credit card number. However, you’d need to validate your ownership of the domain. To do that, simply check the inbox of the admin email registered with the domain. If you encounter any issues, you may contact your domain registrar.
Click on action required button to reveal the input field.
Then check your mailbox to get the code.
Copy the code from the email they sent and paste it in the field to validate your ownership.
Then proceed to the next step by clicking next and you should be able to see the screen below:
Clicking on SSL certificates will give you access to download the ZIP file. This file contains your SSL Certificate where you can install to your server.
The downloaded file needs to be extracted and installed to your hosting. Since hosting providers are different from one another, you may need to contact their support to help you install the certificates. I’ve also covered the 3 best free hosting providers, however, it looks like for the free hosting, SSL isn’t provisioned.
SSL For Free
Another good option is to get it from https://www.sslforfree.com/. Getting a certificate from this site is apparently easy.
Simply key-in your domain name and just provide your FTP access credentials to validate your ownership of the domain.
Just fill-out the required fields and you should be good to go. However, if in case you could not get your FTP credentials, you may contact your hosting provider.
Other non-free option
The cheapest that I know and is reliable is through NameCheap.
They have a $9.00 per year as the cheapest tier for SSL.
Configuring SSL with WordPress
After you have installed the certificates to your hosting (or you had helped from your hosting support), your visitors can access your site via “https://”, however, you work is not done yet. You still have to properly configure your WordPress site. Worry not, there’s an awesome plugin that does all that for you.
Please note that activating this plugin will log you out of WordPress, simply because your url has changed from “http://” to “https://”. Just log back in, there’s nothing to be worried about.
Since Google is now pushing for HTTPS Everywhere, and that there’s a long term plan from them to mark all HTTP as insecure, it would be best to install a certificate now.
The good thing about it is that you’ll have a secured connection and a boost to your ranking.
About the author
Ernest Ducay Jr
Memra Project Admin
Loves green tea, dogs, and cats. I'm also a freelance WordPress site developer.