Secure sockets layer (SSL) certificates create a secure connection between a website server and browser, protecting the transfer of sensitive information, such as credit card numbers. Get one by signing up with a web host that includes a free SSL certificate, then activate and install it through the host’s control panel.
Many SSL certificate providers charge a lot—as much as $75. Their certificates can also be technically challenging to install. For a more affordable and user-friendly option, we suggest signing up for Bluehost. They not only include an SSL certificate for free with their $2.95 per month web hosting, but they also make it easy to install. Click here to get your own.
How to Get an SSL Certificate
There are a number of ways to get an SSL certificate, but most users want to secure one easily and affordably. That’s why we chose two reliable options. The first is Bluehost, which includes one with all WordPress hosting plans. The second is directly through WordPress, which offers SSL security via a plug-in.
Here are the two best providers for an SSL certificate:
Best for: Businesses that need web hosting, such as those in the process of building a new website or those looking for a new web hosting provider.
If you don’t have a website name (domain) or a place for your website (hosting), Bluehost offers a free SSL certificate as well as free custom email addresses, a free domain, and website hosting with packages starting at $2.95 per month. Click here to check it out.
2. Really Simple SSL
Best for: Businesses that have an existing WordPress site and need to get an SSL certificate.
If your site is built on WordPress and you already have a domain name and web hosting but still need an SSL certificate, Really Simple SSL is a good way to install one easily.
Below, we include step-by-step instructions on how to install an SSL certificate using the two options above. We will start with how to get one with Bluehost, as it is the best all-in-one solution for most small businesses. We will then show you how to get one using Really Simple SSL for WordPress websites.
How to Get an SSL Certificate with Bluehost in 4 Steps
Bluehost is the best way to get a free and easy-to-install SSL certificate for those building a new website, or those considering new web hosting. To get one, simply sign up for hosting with Bluehost, then click “Install SSL certificate” from the “Addons” tabs in the cPanel (control panel).
Here’s how to get a free SSL certificate in four steps using Bluehost:
1. Sign Up for Hosting
Go to Bluehost.com and from the homepage, click the green “Get Started Now” button in the center of the page. On the next screen, you will be given three different plans to choose from. As you will see, each plan comes with a free SSL certificate.
The main difference between the entry-level Basic Plan and the Plus Plan is that the Basic Plan comes with 50GB of storage compared to unlimited with the Plus Plan. Choose the plan that includes a suitable amount of storage for your website by clicking “Select” below the plan. Most will find the Basic Plan to be sufficient to start with, and you can always upgrade later if you find you need more storage.
After you have selected the right plan for your business, you will be prompted to start the sign-up process. First, either claim your free domain name by typing it in under “new domain” (included in all hosting plans) or connect a domain you already own by entering it under “I have a domain name.” See our article on tips for choosing a domain name for guidance on how to pick your domain.
You may also choose to skip this step for now by opting for the “Choose Later” option at the bottom of the screen.
Once you have chosen your new domain or linked your existing domain, you will be brought to the “Create your account” page. If you have a Google, or G Suite, account, you can easily create your account by signing in with Google. If not, enter your account information in the text boxes, including your name, business name, contact information, and account password.
Scroll down on the page to review and confirm the web hosting package of your choice. You will also be given the choice of adding package extras. Uncheck the pre-checked boxes if you only want to purchase your web hosting plan (unchecking these boxes will not remove the SSL certificate from your hosting plan).
Scroll down to the bottom of the page to find the payment section and input your credit card information. Make sure the address you used for your contact information matches the address linked to your credit card (otherwise, your credit card provider may decline the charge). Click the green “submit” button at the bottom to complete your hosting purchase.
2. Go to the Control Panel
Log in to your new Bluehost account. If you used your G Suite account during the registration process, click “Sign in with Google.” Otherwise, use the login information created during the purchase process; this should also be emailed to you. After logging in, you will be brought to the admin page, called the Bluehost control panel.
3. Navigate to the Addons Page
From the Bluehost control panel, click the “addons” menu. You will find this at the top of the screen in the blue horizontal menu bar between “domains” and “account.”
4. Install New Certificate
On the “addons” page, locate SSL Certificates, and click “Learn More.” Next, click the “Get Started” button that is located under WordPress Free SSL, then click the “Install” button. Please note that once you install the certificate, it can take a few hours before it will be activated.
To check that your new certificate is functioning properly, go to your website. With an active certificate, your URL will automatically appear with “https” instead of the standard “http” before the domain, such as https://www.yourbusiness.com. Most browsers will also show the image of a lock in front of the domain, denoting the added security.
If you have followed the steps and, after giving it time to activate, you still aren’t seeing “https” at the start of your website address, contact the Bluehost Support Team. They are available 24/7 via live chat or by phone at 844-460-5814.
How to Get an SSL Certificate on WordPress in 4 Steps
Those who have an existing WordPress site can install an SSL certificate using Really Simple SSL—a free and open-source plug-in available to all WordPress site owners. To install it, simply log in to WordPress, go to Plugins, install Really Simple SSL, and activate the plug-in.
Here’s how to get a free SSL certificate for an existing WordPress site in four steps:
1. Login to WordPress & Go to Plugins
Start by logging in to your WordPress site via www.yoursite.com/wp-admin. From the user dashboard, find and click “Plugins” from the left-hand menu.
2. Find & Install Really Simple SSL Plug-in
In the search bar at the top of the web page, search for “Really Simple SSL.” This will give you a list of options. Find and click the “Really Simple SSL” option to open the plug-in page. Click “Install.”
3. Activate Plug-in
After the download is complete, you will be brought to a screen that gives you the option to activate the plug-in. You must do this before the plug-in can be used. To activate Really Simple SSL, click “Activate Plugin.”
4. Re-Login to Your Site
You will now be required to re-login to your site. This allows the site to implement SSL security and change the “http” in the address to “https.” You should also see the image of a lock next to your URL in some browsers, denoting the added security.
What Is an SSL Certificate?
An SSL, or a secure sockets layer, certificate is a form of security that creates a safe and secure connection between a website’s server and a browser. This keeps personal information, such as order details, shipping information, and payment information, safe during online transactions.
The security during these transactions includes two primary elements. First, the certificate provider serves as a confirmation to users that the online business is real, active, and authentic. Second, it encodes—or encrypts—data sent between the website and the users’ browsers, making it almost impossible for hackers to collect and read while it is being transferred.
Reasons to Get an SSL Certificate
SSL certificates are required for sites that deal with sensitive data, such as online retail stores or ecommerce sites that accept payments. However, it’s not only for ecommerce; every business should get one because it protects sites from hacking. It can also improve search rankings; within the last few years, Google has begun favoring sites with SSL security.
Here are the top reasons to get an SSL certificate:
- Ensure Site Security – SSL security ensures customer data is kept safe from hackers who try to steal credit card numbers and identity information, like Social Security numbers.
- Required to Accept Online Payments – If you sell products online, you must have an SSL certificate. The reasoning is clear; without it, data is liable to be stolen.
- Enhance SEO – Businesses that want their site to be found on search engines such as Google should get an SSL certificate; Google favors sites that have SSL security and down-ranks those that do not.
”In 2018, Google started labeling sites without an SSL as not secure, warning visitors of the dangers such a site may pose. This led to a serious loss in traffic and a lowered SEO score for these websites.”
– Keri Lindenmuth, Marketing Manager, KDG
Alternative Ways to Get an SSL Certificate
While we have recommended two free ways to get an SSL certificate, there are other options that should be considered by businesses wanting higher security or more control over their SSL certificate installation. The alternatives below allow businesses to connect SSL certificates to sites built with all-in-one hosting and website builder platforms, install plug-ins to CMS platforms like WordPress, or buy and install SSL certificates themselves.
Here are six alternative ways to get an SSL certificate:
- HostGator – Similar to Bluehost, HostGator is a web hosting provider that includes a free SSL certificate with hosting plans. With plans starting at $2.95 per month, it is an affordable alternative to buying an SSL certificate and hosting separately.
- Weebly – Weebly is an easy-to-use, drag-and-drop website builder that requires zero coding knowledge and includes a free SSL certificate. It’s best for those who need a website and want to build it themselves without web development experience.
- GoDaddy – Purchase an SSL certificate with GoDaddy, a domain name registry, for $59.99 per year for one website.
- Digicert – Buy an SSL certificate with SSL provider Digicert for $198 for one year for one website. For the high price tag, it comes backed with a $1 million warranty should your site’s information get hacked.
- Namecheap – Similar to GoDaddy, Namecheap is primarily a domain name registration site that also offers SSL certificates. Prices start at $14.88 per year for one website with an SSL certificate.
- WordPress HTTPS – This WordPress plug-in, similar to Really Simple SSL, is available for free on WordPress. It is considered the heavier-duty version of Really Simple SSL, and does require more technical expertise to use.
Frequently Asked Questions (FAQs)
What Types of SSL Certificates Are There?
There are currently three types of SSL certificates: DV (Domain Validated), OV (Organization Validated), and EV (Extended Validation). Each provides a different level of security, though ultimately they all do the same thing: encrypt information to secure your site’s data. The standard form is the DV, or domain validated, and for most businesses, this is sufficient. Learn more about the different types in this guide.
What Does an SSL Certificate Cost?
You can purchase an SSL certificate through sites such as GoDaddy and Namecheap for $20 to $75. However, there are ways of getting a free one. The best ways are by using a web host that includes a free SSL certificate with their hosting plans. They are not only free, but are also easier to install. Click here to view a side-by-side cost comparison.
What Is Required to Get an SSL Certificate?
In order to get and install an SSL certificate, you must have your own web domain, evidence that your business is legal, and a dedicated IP address. It is much easier, however, to get a free one with Bluehost or use a WordPress plug-in.
The Bottom Line: Purchase an SSL Certificate
An SSL certificate protects your website and its visitors from data theft. You can get an SSL certificate by purchasing one online, using a WordPress plug-in, or by signing up for a web hosting provider, such as Bluehost, that includes a free SSL certificate with all web hosting plans. Every business with a website should get an SSL certificate to help secure their site’s visitor information and improve their Google search ranking.
With so many ways to get an SSL certificate, it can be difficult to know which is the best for you. Given its affordability and ease of setup, we recommend Bluehost—for $2.95 per month, you get a free domain, free email addresses, and a WordPress website with an SSL certificate. Click here to learn more.