While in the past it seemed like you could do just fine without the hassle of setting up an SSL certificate, it seems that as of late that might come at a cost to your search ranking. Search engines began taking security status into account a few years ago, and if things continue on that trend, which they most likely will, then you're best bet is to get yourself an SSL certificate.
So in this post, we'll be going over just that, particularly if you're hosted on GoDaddy and/or purchasing your SSL from GoDaddy.
Overview of SSL
An SSL Certificate is like a digital passport that confirms the holder's credentials for conducting business on the Internet. When Web users send information such as their names, addresses and credit card numbers to a website secured with an SSL Certificate, the user's browser validates the recipient's digital certificate before establishing an encrypted connection. This process protects information from outside viewing as it flows both to and from the certificate holder's website.
Purchase an SSL certificate
First off, you'll want to purchase an SSL certificate. GoDaddy offers a few different options at various price points. Note, that there are FREE SSL certificates that you can find online, such as LetsEncrypt.org, however, they are currently not supported by GoDaddy.
Update: You can now set up FREE SSL certificates through GoGetSSL. You can read the entire implementation right here.
For this post, I went ahead and purchased the standard SSL certificate from GoDaddy, which is good for a single domain. After you go through the checkout process, you should now see your SSL certificate under your account settings.
At this point, it is inactive and not pointing to anything in particular.
Setup your certificate
If you select the Set up option from the screen above then you will be taken to the following screen.
You have 2 options here. Either you select your domain from the top drop-down (this is your primary domain registered with your GoDaddy account), or you include a CSR (Certificate Signing Request) into the textarea in the bottom portion. More than likely, you will need to do the second option, which we'll go over in the next section.
Generate a CSR (Certificate Signing Request)
If you're assigning this certificate to your primary GoDaddy account, then you will not need to do this step as it is built in to GoDaddy. If you are targeting any other domain however, then you will need to generate a CSR. This identifies which server will use your certificate, as well as the domain names (common names) you'll use for SSL certificates. You will need to log in to your hosting portal on GoDaddy in order to create your CSR.
The method here will depend on the type of hosting account that you have. For a more detailed explanation on your server you can view the GoDaddy guide here.
Since I'm on a Windows account, I will be using Plesk to generate the required CSR. Under the particular domain that you are targeting, click to expand the various domain website options and select the following.
This should take you to the following screen:
Select the Add SSL Certifiate button and then fill out the CSR request form on following page.
This will generate a brand new CSR for you to use on the SSL Certificate page. This is what you will be pasting onto the SSL set up page from the first step above. Once your CSR is accepted, you will be emailed further instructions on how to verify your ownership of the domain in question. For the exact details however you can read the following support page here.
Download your private key and enable SSL on your website
And lastly, if everything mentioned here has gone smoothly, you will be given a download link to get a copy of your certificates private key. Unzip that directory and log back into your hosting account panel (Plesk).
Once again, head on over to the Secure your sites link that you visited previously to generate your CSR and upload your private key file. You should now be ready to enable SSL on your domain.
Go back to the main Plesk panel and under your domain select the Hosting Settings link. This is where we'll enable SSL and select our now active certificate.
You'll then want to enable SSL and select the appropriate certificate from the drop-down box.
You should now have an active SSL certificate under your domain. Definitely not the simplest route, but once you do it a few times you won't forget the process. Again, not something that is required, but most definitely something that will be more important for search ranking and browser compatibility in the near future.
Walter Guevara is a software engineer, startup founder and currently teaches programming for a coding bootcamp. He is currently building things that don't yet exist.
New articles published each week. Sign up for my newsletter and stay up to date.