Why choose a paid SSL certificate?
Why would you want to choose a paid SSL certificate when Bluehost provides a free version. One of the biggest reasons why you might want to consider a paid SSL is – Liability Protection. This means that in the event of a data breach, you are insured based on your warranty level. This is especially important if you are an e-commerce website and have personal and financial data of your customers.
The Renewal process for free SSL is a good reason to choose paid SSL. You will need to renew your Free SSL certificate every 90 days. Paid SSL certificates often renew every year or every 2 years. Another good reason to choose Paid SSL is Wildcard SSL. Let’s Encrypt a popular free SSL provider is working on this but currently only Paid SSL through Wildcard SSL provides protection to primary domains and an unlimited number of their subdomains.
Now that we have seen the differences between Paid and Free SSL lets see how you can install a Paid SSL certificate. The process to install Paid SSL is different for Shared hosting and VPS/Dedicated servers. We will be looking at Shared hosting.
Please note that you will need a dedicated IP address before you are able to add an SSL Certificate to your account. You can add a dedicated IP address to your hosting service from the Addons section of your Control Panel.
Watch the video below to know more,
The First Step is to generate a Private Key
- First login to your Bluehost panel click on the ‘Advanced’ tab. Scroll down to the ‘Security section’ and click on TLS/SSL Manager icon.
- Here, under the title ‘Private keys’ Click on “Generate, view, upload, or delete your private keys.
- Next the ‘Private Keys’ page will open, here under the “Generate a New Key” section, select Key Size 2048 or 1024. And then click on the generate button. Your private key will be displayed. Click “Return to SSL Manager”.
- Back in the SSL Manager page, under the Certificate Signing Requests option click on “Generate, view, or delete SSL certificate signing requests.” Enter the domain and the required information into the form. Press the Generate button. If you have entered valid information, you will be shown your Generated Private Key. (if it looks blank, click back and correct any information)
The second part of the process is to create the Certificate Signing Request.
- Take this CSR to the SSL vendor of your choice and complete the domain control validation. Post this the vendor will provide the CRT.
- With the new CRT, return to SSL Manager. Under the Certificates option-click the “Generate, view, upload, or delete SSL certificates”.
- Copy the CRT provided and paste it in the text box provided or Browse your computer for the .crt file. Repeat for CA Bundle file, if received as well. After this press the ‘Upload Certificate’ button
The KEY as well as the CRT will be required when we install your certificate on the server (and a CA Bundle if provided by SSL vendor). It is recommended to keep a backup copy of each of these as they may be used for this particular domain name with any host.