What is an SSL Certificate?
In the simplest terms, SSL certificates allow the secure transfer of data between a browser and a server. The SSL certificate itself is installed at the server level. When a site is secure, it will load in your browser over https (<– the “s” is for “secure”) and you’ll see a padlock icon in the URL bar like this:
Do I need an SSL Certificate?
SSL certificates are essential for websites that handle sensitive user info like email addresses or credit card numbers. But even if your site isn’t collecting “sensitive” information, it’s still a good idea to use SSL for visitor confidence. Some web browsers will display a warning to visitors if the page is loaded over https, but an SSL certificate is misconfigured or not installed. The warning I see most often looks like this:
How do I get an SSL Certificate for my website?
I’m glad you asked! Some hosting providers offer support for Let’s Encrypt SSL Certificates with their website hosting plans. They’ll typically use an automated version of Certbot (Let’s Encrypt) to handle the certificate creation and renewals on their servers. If your host does not have this option, then you can still add Let’s Encrypt certificates to your server manually using tools like Certbot or ZeroSSL.
In this tutorial, I will be using Certbot on macOS to get Let’s Encrypt SSL certificates.
Let’s Encrypt certificates are provided free by the Electronic Frontier Foundation and they expire after 90 days. The manual process I’m outlining here works great for securing a handful of domains, but if you have lots of websites to manage, then it can be a burden to have to repeat this process every 90 days.
Another option for low-cost SSL certificates that renew yearly is SSLMate. These start at $15.95 and you’ll only have to update once per year instead of every 3 months.
Getting Started
Before we begin, you’ll want to make sure that you have access to:
- Terminal (on Mac go to Applications > Utilities > Terminal)
- CPANEL Admin access where you can get to the
- File Manager (you can also use FTP)
- SSL/TLS Manager
Using Terminal & Command Line Basics
Terminal is a command line interface for Mac. For those of us old enough to remember the days of DOS or checking email through Telnet portals back in the late 90s, using Terminal may bring a feeling of nostalgia. Command Line may feel intimidating at first, but once you learn a few basic commands you’ll gain confidence. Here are some commands that are essential to know when starting out:
Command Line Basics
pwd = print working directory (directories are folders)
ls = listing (this command lists all of the contents in current directory)
ls -al = more detailed listing that includes hidden files
clear = clears the screen
cd = change directory
.. = move back up in the directory
../.. = move back up 2 directories
cd~ = move back to the home directory
man (insert any command i.e. – pwd) = get help
sudo = used to temporarily move into super user role
vi = enter visual editor for command line
:q = quit
If you’d like to learn more about this powerful tool, here’s a helpful article on command line usage from Lifehacker.com.
STEP 1: Install Certbot via Terminal
Open Terminal and install Homebrew by running this command:
sudo /usr/bin/ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)”
After Homebrew installs, use it to install Certbot by running this command:
brew install certbot
Use command line navigation to enter the directory where you installed Certbot. On my computer, it can look a bit like this:
pwd (I do this first to see what directory I’m in to start)
ls (I sometimes list the directory contents right away to see what’s inside. You’re looking for the certbot folder. If it’s not there, you’ll want to do some more navigating around until you find it…)
cd certbot
Once you’re in the Certbot directory, you’re ready to jump to Part 2 and start generating certificates.