Security is the most important factor in the success of any website. It is even more so for websites that have to collect PII, or “Personally Identifiable Information”, from their users.
Now, consider a website which requires visitors to enter a social security number or even credit card info to complete the purchase transaction.
In such scenarios, security is paramount.
It is essential if you want visitors to transact on your site.
With a security certificate (SSL), you can secure your server's data. There are two ways of getting an SSL certificate: either create a self-signed certificate or get a security certificate that has been approved by a certificate authority.
Here we will explain how to create and install a self-signed SSL certificate.
To secure your website's connection using HTTPS, you will need an SSL certificate.
It can be obtained in two ways:
- Creating a self-signed SSL certificate
- Buying an SSL certificate from a trusted SSL certificate provider
The cost of buying an SSL certificate from ClickSSL (an SSL provider) varies depending on the year of purchase, the authentication method, and so on.
A self-signed SSL certificate, on the other hand, is free; you don't need to pay anything.
However, a self-signed SSL certificate doesn't carry any trust seal, and visitors to your site may get a warning from their web browser that the SSL certificate doesn't contain any trust seal.
What is SSL?
Before going further, here is a short description of SSL, or Secure Sockets Layer.
SSL is a protocol used to send information over the internet in encrypted form, so that if someone steals the information in transit it is of no use to them, because it would take years to decrypt.
If SSL is enabled on a website, information sent from the user's web browser or received from the website's server travels in encrypted form.
An SSL-enabled site is accessed by typing the URL with “HTTPS” rather than HTTP, and a padlock icon is shown in the web browser's address bar.
In HTTPS, the “S” stands for secure.
A website with an advanced certification such as EV SSL will show a green bar with a padlock icon in the browser's address bar.
When Do You Need an SSL Certificate?
If you are running a website that needs sensitive information, such as credit card or bank details, you don't want someone to steal that information in the middle of the connection.
SSL encrypts that information and creates a secure connection between the user's browser and the website's server.
An SSL-enabled website gives visitors confidence that the information they provide on your website will arrive securely.
The trust of buyers and visitors is the most important thing for any website.
Signed Certificate vs. Self-Signed SSL Certificate
Whichever form of certificate you use, self-signed or bought from a trusted provider (Certificate Authority), your SSL connection is secure.
Your site's connection will be secured and the data will be encrypted whichever certificate you use.
The problem with a self-signed SSL certificate is that most web browsers warn visitors that the SSL connection is untrusted, and the visitor may leave your website.
If visitors bypass that warning and continue to the website, they will see a red padlock icon and a line crossed through “https”
(as in Google Chrome and other browsers).
All web browsers check the SSL certificate, and if it was issued by a trusted provider, they open the website without any warning and put a green padlock icon in the address bar.
A green padlock icon makes users feel more secure about sending information to that website.
Similarities between Signed and Self-Signed Certificates
There is one striking similarity between certificates signed by a Certificate Authority and self-signed certificates:
- Both kinds of certificate produce a site whose traffic cannot be read by third parties. The data is sent over an HTTPS (SSL) connection and is encrypted regardless of whether the certificate is signed or self-signed.
Both of these certificates encrypt the data and create a secure website.
The Advantage of Using a Signed Certificate
An SSL certificate signed by a Certificate Authority has one big advantage over a self-signed certificate.
It tells your customers that the server information has been verified by a trusted source.
In other words, a third-party company verifies the security information instead of the company that owns the website.
For example, the most common Certificate Authority is VeriSign.
VeriSign and other trusted CAs verify the existence of the business as well as the ownership of the domain in question.
This is done to ascertain that the site is legitimate.
In fact, nearly every web browser checks whether an HTTPS connection is signed by a recognized CA.
With a self-signed connection, the website will be flagged as potentially risky. An error message is displayed warning customers not to trust the site, even if it is, indeed, secure.
Moreover, if you are in eCommerce, you need a signed certificate. People trust a signed certificate, and they prefer not to do business over an HTTPS server without one.
So, if you run an online business, you should invest in a signed certificate.
When Do You Need a Self-Signed SSL Certificate?
If you are running a shopping site, or a site that accepts sensitive information, never use a self-signed SSL certificate.
If you want to use SSL for personal testing or personal access, you can use a self-signed SSL certificate.
You can change from a self-signed SSL certificate to a signed certificate (from a Certificate Authority) in the future if you plan to run your site for commercial purposes.
So, self-signed certificates are great for a testing server.
If you want to create a website to test over an HTTPS connection, you don't need to pay for a signed certificate.
Self-signed certificates can also be used in situations that require privacy but that people are not as concerned about.
For instance:
- Username and password forms.
- Collecting personal information (non-financial PII).
- Where users are people who know and trust you (company intranet).
- Personal sites with few visitors.
With a self-signed certificate, you are actually telling your customers: “Trust me, I am who I say I am.”
How to Install SSL?
An SSL certificate contains two keys, a public key and a private key. To implement SSL, both keys work together to create an encrypted connection. The public key is used to encrypt data, and the private key is used to decrypt it.
To install SSL, you need an SSL certificate, which can be obtained by buying a certificate or by generating a self-signed SSL certificate. SSL can be implemented only on a domain with a dedicated IP.
The SSL certificate contains information about the website, the address of the website owner, etc.
After generating an SSL certificate, you need to install it on your server or your domain.
Here, I will tell you how to create a self-signed SSL certificate and install the certificate on your domain using WHM and cPanel.
How to Create and Install a Self-Signed Certificate?
Here, I have listed the steps you need to take to create and install a self-signed certificate.
How to Create a Self-Signed Certificate from cPanel?
Follow these steps:
• Step #1: Log in to cPanel.
• Step #2: Access the Security Section on the cPanel Home Screen.
• Step #3: Click SSL/TLS Manager
• Step #4: Under Private Keys (KEY), Click “Generate, View, Upload, or Delete your Private Keys.”
(The “Private Keys” Page appears)
• Step #5: Under “Generate a New Private Key,” confirm that the key size is set to 2048 bits.
• Step #6: Go to the “Description” text box and type a descriptive name for the key. For example: Self-Signed Certificate Key.
• Step #7: Click “Generate.”
(cPanel generates and displays the private key)
• Step #8: Click “Return to SSL Manager.”
• Step #9: Under Certificates – CRT, click “Generate, view, upload, or delete SSL certificates.”
(The Certificates Page appears)
• Step #10: Under “Generate a New Certificate,” select the description for the private key you generated in step 7.
• Step #11: Go to the “Domains” text box.
• Step #12: Type the domain name that you want to secure with the self-signed certificate (for example, test.mywebsite.com).
• Step #13: Now, complete the other fields for the certificate.
• Step #14: Click “Generate.”
(cPanel will generate and display the self-signed certificate)
• Step #15: Click “Return to SSL Manager.”
• Step #16: From the “SSL/TLS Manager” page, under “Install and Manage SSL for your site (HTTPS),” click Manage SSL sites.
(The “Manage SSL Hosts” page appears)
• Step #17: Under “Install an SSL Website,” click “Browse Certificates.”
• Step #18: Select the certificate you generated in step 12.
• Step #19: Click “Use Certificate.”
(cPanel fills in the Certificate (CRT) and Private Key (KEY) fields automatically)
• Step #20: In the “Domain” list box, choose the domain that you need to secure with the certificate.
• Step #21: Click “Install Certificate.”
(cPanel will install the certificate on the server and enable SSL)
When the process is complete, you will get the “SSL Host Successfully Installed” message.
• Step #22: Click “Ok.”
Now you can securely access the specified domain with the https:// prefix in a web browser. However, you will get a warning message about the self-signed certificate.
Please note that you need a dedicated IP for the domain on which you want to implement SSL.
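The cPanel steps above, and the earlier point that browsers only accept a certificate signed by a recognized CA, shown with the OpenSSL command line as an added example (not part of the original article and not cPanel's own code). It assumes OpenSSL 1.1.1 or later; the file and function names are hypothetical, and the domain is the sample one from step 12.

```shell
#!/bin/sh
# Added example: OpenSSL equivalent of the cPanel steps, plus the trust
# check a browser performs on the resulting certificate.
set -e

DOMAIN="test.mywebsite.com"        # sample domain from step 12
WORKDIR="$(mktemp -d)"             # scratch directory, constructed for this example
KEY="$WORKDIR/selfsigned.key"      # hypothetical file names
CRT="$WORKDIR/selfsigned.crt"

# Steps 4-7: 2048-bit private key. Like cPanel's KEY entry, it is stored
# apart from the certificate; umask keeps it readable by its owner only.
make_key() {
    ( umask 077; openssl genrsa -out "$KEY" 2048 2>/dev/null )
}

# Steps 9-14: certificate for DOMAIN, signed with its own key (self-signed).
make_cert() {
    openssl req -new -x509 -key "$KEY" -out "$CRT" -days 365 \
        -subj "/CN=$DOMAIN" -addext "subjectAltName=DNS:$DOMAIN"
}

# Self-signed: the issuer name is the same as the subject name.
is_self_signed() {
    [ "$(openssl x509 -in "$CRT" -noout -subject_hash)" = \
      "$(openssl x509 -in "$CRT" -noout -issuer_hash)" ]
}

# The pair installed in steps 17-21 must share one public key.
key_matches_cert() {
    [ "$(openssl pkey -in "$KEY" -pubout | openssl sha256)" = \
      "$(openssl x509 -in "$CRT" -noout -pubkey | openssl sha256)" ]
}

# Chain validation as a client does it; extra arguments select trust anchors.
verify_with() {
    openssl verify "$@" "$CRT" >/dev/null 2>&1
}

make_key
make_cert
is_self_signed   && echo "issuer == subject: self-signed"
key_matches_cert && echo "private key matches certificate"
verify_with      || echo "default CA store: rejected (the browser warning)"
verify_with -CAfile "$CRT" && echo "certificate added as trust anchor: accepted"
```

Adding the certificate as a trust anchor is what makes a self-signed certificate workable on a company intranet or test machine: only clients that have been given the certificate accept it without a warning.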
I found this to be one of the easy methods of installing a self-signed SSL certificate on a website. Please share your experience and knowledge of implementing SSL.