Despite the process of obtaining an SSL certificate for your website is not very difficult it may take you plenty of time, because the price of mistake could be rather high. I’d say you can loose hundreds of dollars if you buy wrong type of certificate or get it from wrong place. Here’s a quick overview of the process that will make your SSL cert shopping experience more enjoyable.
- Generate CSR (certificate signing request). In plesk 8.2 you should go to Server->Certificates->Create new Certificate, enter all information, triple-check it and click request. Id’ recommend using admin@<yourdomain>.<yourtld> email as a contact email for reasons explained later. I’d also recommend separating all your stuff you need secure access for to a different subdomain, for instance “secure.<yourdomain>.<yourtld>”, so you can keep secure and insecure stuff logically separated. Also when a user sees word secure in the URL it will make one more assured in the transaction.
- You can buy SSL certificate from many places. I chose http://www.geocerts.com. I think they provide great prices (though after some research you can get it cheaper from more suspicious places), they have excellent explanations for every step you should make, great comparison tables and other stuff also great. Those guyas are not CA, they are just resellers, but they are doing a great job. Indeed the price you can get from them is 2-3 times less then what you can get from GeoTrust or Verisign.
- So you go to http://geocerts.com, click on “compare geotrust cert products” and try to understand what you need. For instance I needed to secure a webstore for as cheap price as possible, so I chose QuickSSL for a second, but them decided to upgrade it to QuickSSL Premium. The only difference between those two is a green “seal” that you can put on your website. The seal basically says that people coming to your website should trust it and provide a link for quick validation of this fact. That sounds like a toybut customers typically like such small toys, aren’t they? So my total for one QuickSSL Premium sealing one domain for one year was $129 at the moment.
- The next steps really depend on the company from which you’re buying the cert. GeoCerts have good explanations for every step, so I won’t explain exactly they step-by-step process. Here’s just a general overview of the process:
- You have to provide the CSR generated on step 1. In Plesk 8.2 it is Server->Certificates->”Your certificate in the list”->”scroll down”->”copy the part named CSR, including the first and last lines starting with dashes”. Then paste the CSR to the text area or upload it or provide it to the seller they way it accepts it
- You have to select approval email from the list you’ll be given by the seller. I’d recommend using admin@<yourdomain>.<yourtld> you chose on step 1
- After purchasing the cert (i.e. giving them the credit card) you’ll receive email on mailbox selected on step 4b. Click on the link, go to the page, click approve.
- A few minutes later you’ll get the cert by mail. Upload it to the server and you’re ready to go. Again, in Plesk 8.2 you upload it by copypasting the cert from email to Server->Certificates->”Your certificate in the list”->”scroll down”->”Upload certificate as text”. Paste it to “Certificate” text area, not the other one.
- You’re done. Wanna know more about how to make the cert work in Plesk? Read me next post.