Web browsing via HTTPS is becoming the norm and all websites will need to be secure. Is the free SSL certificate a good alternative to paid SSL certificates? What is a free SSL certificate and how do I get it?
With its free SSL certificate , the certification authority Let’s Encrypt allows you to secure your website with a free certificate obtained in 5 minutes .
Does a free SSL certificate offer the same level of security? Is it really free? How to get it and install it? We bring you the answers in this article.
What is a free SSL certificate?
The free SSL certificate has been around for a long time, the OpenSSL foundation allows you, for example, to create a free self-signed SSL certificate since 1998 thanks to an encryption toolbox.
Installing an SSL certificate on your website secures the information exchanged with your visitors. It also allows your visitors to identify you as the owner and to be certain of the existence of your business on the date of installation of the SSL certificate.
For a website, the implementation of an SSL certificate (TLS) allows the transition from the HTTP protocol to the HTTPS protocol .
Self-signed SSL certificate
A self-signed certificate is a free certificate created from an open source toolbox (OpenSSL). OpenSSL allows you to create your SSL certificate in a few steps, provided that you are proficient in Linux.
The creation of a self-signed certificate is suitable for personal use, on the contrary, to secure your website, your SSL certificate must be issued by a certification authority (Certificate Authority, CA, AC) .
A self-signed SSL certificate can trigger an alert message in web browsers while an SSL certificate (of X.509 type) issued by a certification authority ensures the green padlock for your entire domain (at provided that the SSL certificate is correctly installed).
Let’s Encrypt free SSL certificate
At the initiative of the Electronic Frontier Foundation (a project independent of Mozilla) , the Internet Security Research Group (ISRG) created Let’s Encrypt .
Let’s Encrypt is therefore a certification authority which has been issuing free SSL certificates since December 2015 (in public beta). Thanks to Let’s Encrypt, it is possible to obtain a free and reliable SSL certificate!
The Characteristics Of The Let’s Encrypt Certificate:
- They are free and issued by a certification authority,
- They allow a secure connection via the HTTPS protocol, they can secure a web server, an email server, an FTP server, etc.
- The issuance of the certificate is automated and takes only 5 minutes,
- Certificates are valid for 90 days (it is possible to automate renewal),
- They are only of type validation domain (DV) ,
- Let’s Encrypt certificates are recognized and compatible with almost all browsers and all applications,
- They are of type X.509 and use the SHA-2 hash function.
To secure a showcase site or a blog, a free SSL certificate is a good alternative to paid certificates issued by other certification authorities. The Let’s Encrypt certificate is really free and offers a very good level of security. On the other hand, its installation will certainly pay off, unless you have the necessary skills.
For an e-commerce site, it is preferable to opt for a certificate of type OV or EV (OV for validation of the organization or EV for extended validation).
Why install an SSL certificate?
Beyond protecting the data exchanged, securing the web is a priority for Google. In fact, Google has been encouraging website publishers to switch to HTTPS since 2014.
Since January 2017, Google Chrome reports a danger in its address bar for all websites not accessible in HTTPS. The result of Google’s actions translates into strong growth in SSL secure sites. With the strong growth of the free SSL certificate, 50% of the pages loaded in January 2017 were secure .
Evolution of the percentage of pages loaded via HTTPS
How do I get a free SSL certificate?
To get a free SSL certificate and secure your website , all you need is your hand on your apache server. Let’s Encrypt offers a tool that allows the automatic implementation of the certificate on your domain in a few command lines.
An SSL certificate is installed at the hosting level of your site and more precisely at the level of your web server.
Depending on your host and web server, the procedure for obtaining an SSL certificate and installing it will be different:
- If your site is hosted on shared OVH or on a VPS or dedicated server, you can take advantage of a free SSL certificate in 1 Click. You will just have to intervene on your site to force it to switch to HTTPS.
- If, on the other hand, your site is hosted by Gandi on a shared XS type, you will not be able to benefit from a free SSL certificate.
To find out if your web server is compatible with the installation of a free SSL certificate, you will need to contact your host.
How to install an SSL certificate?
Installing an SSL certificate is free if you do it on your own. It is made up of several stages and requires skills in web development. It starts with making sure you have the following access:
- Access to FTP,
- Access to the web server (SSH access or via a Plesk or cPanel type panel),
- Access to the domain manager,
- To the administration console of the website.
Installation of an SSL certificate
- Study your needs and choose the type of SSL certificate to install (DV, OV, EV, SAN, SSL wildcard,…)
- Study the technical feasibility (your hosting server, the CMS used, the redirects to be provided, backlink, etc.),
- Choice of your certification authority and purchase of the SSL certificate (paid or free) ,
- Generate the SSL certificate (CSR) and install the certificate on the web server,
- Rewriting of all website URLs, transition from HTTP to HTTPS,
- Implementation of 301 redirects ,
- Control of 301 redirects and the presence of the green padlock on all pages of the site.
For novices in web development, you will have to entrust the installation of your SSL certificate to your host or to a web agency .
The establishment of a secure connection to your website via SSL is inevitable. The free SSL certificate is a good alternative to paid certificates for the majority of websites. For e-commerce sites or for validation of your organization, you will have to opt for a paid certificate.