These days, thanks in part to browser default security settings, you really can't go without having an SSL certificate installed on your websites server. If you do, your site visitors might encounter something like the following when they visit.
Having that appear can easily bring your bounce rate into the high 90%'s and could potentially impact your overall SEO rating in a negative way. I know as that happened to me recently when my certificate was up for renewal, and I completely forgot to renew it early on. Checking my analytics I quickly noticed that my bounce rate was indeed in the high 90th percentile range, which really goes to show that people value a secure site.
In this article I will walk you through the process of setting up an SSL certificate through GoGetSSL on your GoDaddy server, if you are using Plesk as the hosting environment. This implementation is only for Plesk mind you, which is the Windows hosting environment that GoDaddy uses.
Overview of SSL
An SSL Certificate is like a digital passport that confirms the holder's credentials for conducting business on the Internet. When web users send information such as their names, addresses and credit card numbers to a website secured with an SSL Certificate, the user's browser validates the recipient's digital certificate before establishing an encrypted connection. This process protects information from outside viewing as it flows both to and from the certificate holder's website.
Most modern day browsers will prevent loading a website through non-SSL URL's by default, unless the user explicitly specifies that they are willing to take the risk. And as of late, certain browsers will begin to automatically redirect users to the https versions of URL's.
Generate the CSR (Certificate Signing Request)
The CSR identifies which server will use your certificate, as well as the
domain names (common names) you'll use for SSL certificates. You will
need to log in to your hosting portal on GoDaddy in order to create your
CSR. So head on over to your GoDaddy Plesk panel and select the SSL/Security menu item for the website that you would like to associate with the certificate.
Select the "Add Certificate" button and on the following form fill in the appropriate fields, along with the domain that you are adding the certificate to.
Select the "Request certificate" button and after the page reloads, you should now see the CSR generated on the page. You will need that to create the certificate on GoGetSSL up next.
That's all you need to do on Plesk for now.
Create the certificate
Head over to GoGetSSL.com and if you need to, create an account. Once you have your account set up, click on the "My Prices" link on the left nav and you should see a list of options for the type of SSL certificate to setup. For this setup, we're just going to go with the free 3 month FREE version. This is one of the downsides with going with a free SSL certificate. You have be mindful of expiration every 3 months.
You can skip the next step "Product Configuration", as the default settings are set correctly. And on the following window, you should see the following message:
Click on the "Incomplete" link and it should take you to a dashboard showing your incomplete certificates.
Click on the "View" link and on the following page click on the "Generate Certificate" button.
In order to generate the certificate, you will need the CSR code that you created on the GoDaddy server above. Paste the CSR into the following form:
Next up, you will need to verify the ownership of the given domain. GoGetSSL gives you a few options in doing so. The simplest route is to simply down the verification .txt file and to add it to the /.well-known/pki-validation directory of your server. This is where GoGetSSL will look for the validation file.
Once copied over, click on the verification link and refresh the page. You should now have a verified and free SSL certificate, at least for the next 3 months.
Upload your private keys
On the GoGetSSL panel you should now see 2 download links for your private keys. One is for your .crt key and the other for the .ca key. Both will need to be uploaded to GoDaddy.
On the GoDaddy Plesk page, head back to your SSL configuration page. The page where you first got your CSR. You should see 2 upload forms right below the CSR. One for the .crt file and one for the .ca file.
Upload both files and after some gears turning, you should see a success message.
Select the certificate
One last step in this process. On your Plesk homepage, head over to your websites menu options and this time select the 'Hosting settings' link. This should take you to a page with general server related configuration options.
Look for the security area and select the certificate that you just created from the dropdown menu.
Hit save and you are done. You should now have a secure certificate installed for your website.
One last note. Do not forget that this is a 3 month certificate and while still secure and meets the basic requirements for most browsers, there are different levels of SSL certificates that you can purchase with higher credibility and with longer expiration dates.
But this is a good alternative to use while you shop around in the meantime.