Find out where to get a free SSL certificate
When I moved PeasOnToast.co.uk to a secure https domain, I was amazed to learn that I didn’t have to pay £100s for an SSL certificate – there were free options available!
Scroll down to find out
which companies offer free SSL Certificates.
But first, let’s find out more about “SSL certificate” and “https” – what are the benefits and what do they mean?
What are the benefits of having a secure https website?
Have you ever wondered why some websites are more secure than others, or why people are more trusting of a website url beginning with “https”?
Here are some benefits of using a secure https website:
- your visitors will have increased confidence and trust when using your website
- all data and personal information is securely encrypted
- guaranteed that all information your website browser receives, originates from the expected domain rather than a malicious third party
- improved conversion rates as people can safely subscribe or purchase goods from your website, if required
- Google marginally favours https websites in SEO rankings
What does https mean and what’s an ssl certificate?
HTTPS means “hyper text transfer protocol secure” and is the secure version of HTTP.
It’s the system used to transfer data between your internet browser and the website you’re visiting. If the website you’re visiting is for online shopping, banking or marketing and social media it ought to be an https website to comply with regulations.
Whenever you provide confidential details on a website, always check that it has “https://…” at the beginning of its url.
If the website has https, it means all communication between your internet browser and the website you’re visiting is securely encrypted and protects confidential information.
An easy way to spot whether a website is http or https
If you’re using internet browsers such as Internet Explorer, Firefox, Chrome or Opera – https websites have a padlock at the beginning of their url.
Secure Socket Layer (SSL) certificates are small data files installed on a web server to digitally bind a cryptographic key to a website organisation’s details – such as the:
- domain name, server name or host name
- company name and location
In other words, you need an SSL Certificate to have a secure website.
It’s the SSL certificate that activates the padlock and https protocol, allowing it to protect and secure your website.
Basically, without an SSL certificate, your website url can’t be an https.
An SSL certificate can only be issued by a trusted Certificate Authority (CA), such as GlobalSign.
Here’s a helpful video by GlobalSign explaining SSL.
How many types of SSL certificates are there?
There are three main types of SSL certificate with increased pricing based on the level of security and checks carried out:
- domain validation (DV) – the CA checks the right of the applicant to use a specific domain name. Encryption information is shown within the Secure Site Seal, but the website organistion’s ID isn’t checked and there’s no need to provide company documents
- organisation validation (OV) – the CA checks the right of the applicant to use a specific domain name and it conducts some ID checks on the website organisation
- extended validation (EV) – the CA checks the right of the applicant to use a specific domain name and it conducts thorough ID checks of the website organisation’s company documents. The registered company name will also be displayed in the browser address bar
All SSL certificates provide encryption, but the more expensive EV SSL certificate also provides full peace of mind as to the identity of the website you’re visiting.
The high cost of buying an SSL certificate means that https isn’t readily accessible to all website owners.
some CAs offer free trusted SSL certificates, such as those provided by Let’s Encrypt and Cloudflare.
These Certificate Authorities offer free SSL Certificates
Let’s Encrypt is a free and open CA provided by the Internet Security Research Group (ISRG). Its main goal is to provide free, domain-validated certificates on-demand, making the internet a safer place.
The SSL certificates are:
- easy to use with automatic configuration and renewal
- publicly available for anyone to inspect, which guarantees transparency
Let’s Encrypt launched in December 2015 and came out of beta in April 2016, quickly gaining credibility and support from several major corporations. It’s a trusted Certificate Authority and has already issued more than 5 million SSL certificates.
Cloudflare is a Content Delivery Network (CDN) operating out of 86 data centers around the world.
The benefit of using Cloudflare as your CDN provider is that:
- it routes your web traffic to the nearest data centre rather than waiting for your web host (this means that your visitors don’t have to wait as long for your website to load)
- it’s free
- on average, your website loads twice as fast
- saves 60% bandwidth
- blocks more spam and prevents other malicious attacks
… Cloudflare can also provide Flexible SSL or work with a third party’s SSL Certificate (such as Let’s Encrypt’s) to provide Full SSL protection.
How to change your website to https with a free ssl certificate
Head over to my post “How to redirect your website to https with a free ssl certificate – step-by-step guide” for an easy-to-follow tutorial.
The tutorial shows you how to:
- install a free SSL certificate on your website using FastComet web hosting with either Cloudflare or Let’s Encrypt
- redirect your posts and pages to the secure https url
- check that your website’s secure and correctly uses https
Note: this blog post is intended to be a general resource only.
- Monzo Bank review – 100% smartphone banking exceeds expectations - 16th October 2016
- Atom Bank review – the new player on the banking field - 4th September 2016
- How to use SendinBlue email automation – step-by-step guide - 19th August 2016