Loading...

Knowledge Base

How to Get Started with an SSL Certificate

 

Overview

An SSL (Secure Sockets Layer) certificate shows visitors that your website is secure. It encrypts online transactions and data transfers. Your SSL Certificate will be issued to the domain you use for your website. Follow the instructions below to issue your SSL certificate after purchase.

In this article, we will discuss:

How to Configure SSL

Note: DV (Domain Validation) certificates will go through a 3-step configuration process post-purchase. OV (Organization Validation) and EV (Extended Validation) certificates require additional steps, which will be explained after the 3-step configuration process.

After you have purchased an SSL certificate, follow the steps below:

  1. Log in to your Account Manager via https://www.web.com/my-account/login.
  2. Enter your User ID and Password.
  3. Click Security on the left navigation menu.

Security

  1. If you have more than one SSL certificate in your account, choose a package name and click the vertical ellipsis under Actions to Manage or see the Details of the product.

Manage SSL

Note: The SSL Control Panel will open in a new browser window. If you have pop-up blocking activated in your browser, please modify your browser settings.
  1. You will then be asked to assign a domain name.
Important: Make sure that you issue your SSL to the exact version of the domain or subdomain you want to assign it to (e.g., example.com, www.example.com, or store.example.com).
  1. Once you have entered the domain name, re-enter the domain name one last time.
Important: You will not be able to change the domain once it has been assigned.
  1. Click Continue.

The system would perform a verification check to see if the domain entered is assigned as a domain pointer to a hosting package managed by Web.com. If Web.com does not host your website, you will be asked to choose a server type and input a CSR (Certificate Signing Request).

If the domain is pointed to our hosting, the server type is determined by the package it is assigned to (Windows- IIS or UNIX- Apache). Moreover, the CSR for your shared hosting package is generated automatically on the back end and attached to the validation request so the certificate files can be created post-validation.

The CSR is the key for the SSL certificate. It houses everything about the server, organization, domain, private key, and encryption strength related to the SSL. It is the basis for how the SSL installation files are created and what dictates the handshake to make the secure connection through the browser session.

If a 3rd party provider hosts your website, you are responsible for providing the CSR for validation. If your website is hosted by Web.com, this step is already taken care of on the back end during the configuration process.

Follow the steps below if your website is not hosted by Web.com, but you have purchased our SSL product:

  1. Select the server software type provided by your current hosting provider.
  2. Enter the CSR your current hosting provider provided into the Enter CSR From Web Host field.
  3. Click the Continue button.

Provide CSR

Now that you have assigned your domain and provided your CSR, select a validation email address to receive the validation code and confirmation URL.

Submit Validation Information

Important: If you have enabled Private Domain Registration on your domain, we do not advise that you disable it to complete the validation process. Disabling Private Domain Registration will expose your contact information in WHOIS. Other methods of validation outside of email verification are available. You must configure email validation first, and the support agent can change the method for you.

 

Other Validation Methods

HTTP/.txt file - when all certificate components (Domain, Hosting, and SSL) are managed by Web.com, we will automatically create a .txt file based on the MD5hash and SHA3 components of the CSR and upload it to the webspace via FTP. This method allows this file to be verified and expedites SSL issuance (You can also create this manually and upload it).

CNAME - This method is becoming the preferred method due to the challenges with email. You will be provided with a CNAME to be added to your DNS Zone provider, or our support agent can assist you in updating your DNS records if your website is hosted by Web.com. You or our support agent can add the CNAME via the Account Manager for verification and SSL issuance. Please see How to Update CNAME Records for Validation.

 

Completing Validation Next Steps for Domain Validation Certificates

Validating Email

After completing the steps, you will receive an email containing a secure link to activate validation to generate the SSL and issue the files. Clicking the link will notify the Validation team within an hour that the confirmation is complete.

Validating via CNAME

A special unique CNAME is generated for each SSL validation request. Our support agent will provide you with the CNAME and inform you of the next steps. No email confirmation is needed to validate via CNAME. It may take 1-2 hours for the Validation team to confirm this. Please see How to Update CNAME Records for Validation.

Validating via HTTP TXT File

A special unique MD5 Hash Code is generated for each SSL validation request. Our support agent will take this information and create a .txt file to upload into your FTP site files. No email confirmation is needed to validate via HTTP. It may take 1-2 hours for the Validation team to confirm this.

 

Additional Steps for Organization, Extended Validation, and Wildcard SSL

In addition to the steps listed for Domain Validation certificates, additional information will be required for OV and EV certificates. OV and EV will require an additional form to be filled out, including details associated with the business or organization, which will be included in the files issued for the SSL. All fields are required unless specifically noted.

Completing Validation Next Steps OV, EV, or Wildcard Certificates

Validating Via Email

After completing the steps, you will receive an email containing a secure link to activate validation to generate the SSL and issue the files. Clicking the link will notify the Validation team within an hour that the confirmation is complete.

Validating via CNAME

A special unique CNAME is generated for each SSL validation request. Our support agent will provide you with the CNAME and inform you of the next steps. No email confirmation is needed to validate via CNAME. It may take 1-2 hours for the Validation team to confirm this. Please see How to Update CNAME Records for Validation.

Validating via HTTP TXT File

A special unique MD5 Hash Code is generated for each SSL validation request. Our support agent will take this information and create a .txt file to upload into your FTP site files. No email confirmation is needed to validate via HTTP. It may take 1-2 hours for the Validation team to confirm this.

Validating via Phone Call

In addition to validation steps via email, CNAME, or .txt file, you will need to respond to an email that will trigger a verification phone call back. This automated call is triggered by clicking on a link in the phone verification email. Once you click the link, an autodialer will make a call and provide you with a PIN.

Timeframes

After completing the configuration and validation steps, the files will be issued and uploaded to your Account Manager. You will also be notified via email. The timeframe for SSL validation and issuance depends on the SSL type and how quickly you complete the validation steps.

Note: You can check the Status of your SSL certificate within the SSL Control Panel. Click on the Status Definitions link to learn more about the Status of your SSL certificate.

Status Definitions

 

How to Update CNAME Records for Validation

Important:
  • The steps below only apply if your website is hosted by Web.com. If you are not hosted by Web.com, you must contact your current hosting provider to add the CNAME records provided by our support agent.
  • Please contact support to get your CNAME records. You can contact support via chat by going to www.web.com and clicking on the Contact Us icon. Please indicate that you are validating your SSL Certificate via CNAME validation.
  • Once you receive an email with the CNAME information, enter the records into your DNS manager by following the steps below. If you are not hosted by Web.com, you must add the CNAME records at your DNS provider.

To update your CNAME records via the Account Manager, follow these steps:

  1. Click Domains on the left menu.

Domains

  1. Select the domain assigned to your SSL certificate.
  2. Scroll down to Advanced Tools and click MANAGE beside Advanced DNS Records.

Manage ADNS

A pop-up may show saying, "Only advanced users should make updates to their Advanced DNS Manager. Changes made to these settings may cause you to lose access to your existing email and websites."

  1. Click Continue to proceed.
  2. Click on the + ADD RECORD button.

Add ADNS Record

  1. In the Add Advanced DNS Records pop-up:
    • Select CNAME as the Type.
    • Select Other Host in the Refers to drop-down.
    • Add the Host Name (Host) and Alias (Points to) provided by our support agent via email or chat. Please see the screenshot below for an example CNAME record sent via email.
      Important: Make sure to include the underscore "_" at the beginning of the Alias and ensure that there are no extra spaces in both the Host Name and Alias.

      CNAME record in email
    • Set the TTL to 2 Hours, which is the recommended value.
      For example:
      Add ADNS Record pop-up
      Note: If you are re-issuing or revalidating an SSL Certificate, replace the old record with the new CNAME record. However, if you are unsure if you should remove your existing CNAME record, consult with your DNS provider to ensure you are not removing your records unnecessarily.
  1. Click the ADD button.
Note: CNAME validation may take 1-2 hours based on DNS propagation.

How to Enable HTTPS For SSL

If you are using HTML or a Website Builder for your website and in any case your website is showing as not secured, you can enable the HTTPS for your SSL by following the steps below:

  1. Login to your Account Manager via https://www.web.com/my-account/login.
  2. On the left-side of the page, select Security.
    Security button

     
  3. On the Security page, navigate to Actions. Then, click the vertical ellipsis icon and click Details.
    SSL Products
    Note: If you have multiple security products, select the product that you want to manage.
  4. You will be redirected to the SSL Certificate page. On this page, click on the LAUNCH SSL CONTROL PANEL.
    Launch SSL Control Panel
    Note: The SSL Control Panel will open a new pop-up window. If you have enabled the pop-up blocking on the browser, make sure to disable it on the browser settings.
  5. In the SSL Control Panel window, enable HTTPS by clicking the radio button which indicates ON. It may take 1 to 2 hours for the redirection to HTTPS to fully propagate to all browsers.
    SSL Control Panel
    Important: When activating HTTPS, please check the compatibility of your CMS (Content Management System) settings. Confirm that the server environment is compatible with HTTPS to ensure your website does not display broken images or show webpage directory structure issues.
  6. Once done, close the SSL Certificate window.
Did you find this article helpful?

 
* Your feedback is too short

Loading...