HTTPS and SSL certificate (1 Viewer)

Gasman

Enthusiastic Amateur
Local time
Today, 09:30
Joined
Sep 21, 2011
Messages
14,253
Marvellous
Got a call from a FB group admin, that he had a received a notification that they had deleted 5 of my posts in that group. Also the link to the website that he had posted for a website I created to replicate the Bibby Gazette that we used to get when serving in the Merchant Navy.

We *think* it is because the site is http:// and not https://, but no data is requested on the site, it is for display purposes only.

They can do all that, but cannot stop the phishing messages we are getting supposedly from other members, who have never sent them. One member has even had his messenger account deleted, but they are still coming.

Anyway, could someone who has their own website(s) please tell me how easy it is to install an SSL certificate yourself? Any reccommendations. The site is registered with GoDaddy, just because it existed on my NTL webspace, then when they stopped supplying webspace, threw us over to GoDaddy.
I am assuming that once installed, the prefix will change to https:// ?

The site in question is bibby-gazette.co.uk but is a display site only. It does not ask for any info from any visitor.
The site is a labour of love for the shipmates that I used to sail with. No monetary gain at all.

Not sure if I want to pay for one TBH.
 

plog

Banishment Pending
Local time
Today, 03:30
Joined
May 11, 2011
Messages
11,643
I use lets encrypt which is free:


It's been a few years since I set it up so I can't remember the steps. Which I guess is kind of good, had it been a battle to get it to o work I am sure I would have remembered that experience.

Once set up the https worked, but http still did as well. Its not like it just switches over automatically. I had to rewrite my .htaccess file to redirect to https.
 

Gasman

Enthusiastic Amateur
Local time
Today, 09:30
Joined
Sep 21, 2011
Messages
14,253
Thank you Plog,
That is a bonus. I don't mind jumping through a few hoops to get one working.
Seems I have a fair bit of research to do. Not even sure I have a .htaccess file
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 03:30
Joined
Feb 28, 2001
Messages
27,156
Anyway, could someone who has their own website(s) please tell me how easy it is to install an SSL certificate yourself?

Since the sites are designed to work with certificates, the utility that is your web provider will have something built-in - but you should probably just do a web lookup of "Install SSL certificate in xxxx" where xxxx is whatever you are using to provide web pages to your clients. Could be IIS, Thunderbird, ... anything. Last time I had to do something like that, it was for a mail system.

The trick is always to find their security setup category in their menu and browse until you find "install certificate" or "register certificate." If you have the cert as a file, they usually want it in a particular folder relative to the network utility folders. So you move the file to the right place, run the certificate install/register/whatever they call it, and stand back. Takes a few seconds, mostly because of having to do a little math on the two keys - the public and private keys for the cert. Once they are verified, you are good to go. The harder part is to fill out the request for the cert to get your site name correct - and it is important because the site's root name/path figures into the cert.
 

Gasman

Enthusiastic Amateur
Local time
Today, 09:30
Joined
Sep 21, 2011
Messages
14,253
Thanks Doc.
I had a quick peek last night and there is a .htaccess file, with a bunch of stuff I do not understand. :) They have some decent support, so if I cannot find the process, I will give them a call.
 

sonic8

AWF VIP
Local time
Today, 10:30
Joined
Oct 27, 2015
Messages
998
Anyway, could someone who has their own website(s) please tell me how easy it is to install an SSL certificate yourself? Any reccommendations. The site is registered with GoDaddy,
The process totally varies depending on where/how the website is hosted.
I suggest you google for your hoster's instructions. Here's a piece from the GoDaddy Blog: How to enable HTTPS on your server
 

Gasman

Enthusiastic Amateur
Local time
Today, 09:30
Joined
Sep 21, 2011
Messages
14,253
I use Cpanel with my ex bosses hosting package.
Googling there should be options for SSL/TLS in the Cpanel Security section, which we do not have, so I will need to contact TSOHost support.

A few videos on youTube, so appears pretty painless TBH. Just hope that turns out to be the case.
Plogs link also supports TSOhost, so again another bonus.
 

Gasman

Enthusiastic Amateur
Local time
Today, 09:30
Joined
Sep 21, 2011
Messages
14,253
OK, I *might* have found out why FB were concerned about my site.
I have two small javascript snippets which hide the actual email addresses on the site.

Would a SSL certificate cover that? I would have thought not?

I submitted the site to two sites that scan the website for malware. One scanned it with 77 different programs, only 2 reported it as malicious :)
The group admin forwarded the FB message.

On my posts.......
1 post 3 years old.
3 posts at 2 years old
1 at 9 months old.

The two others from other posters were almost as old?

Nice to see they are on the ball :)
 

plog

Banishment Pending
Local time
Today, 03:30
Joined
May 11, 2011
Messages
11,643
No, SSL just verifies that the requested sender was the one sending information.
 

undeprecated

New member
Local time
Today, 04:30
Joined
Dec 23, 2022
Messages
8
SSL is pretty standard these days on any hosting provider. Be wary of anyone trying to sell you a cert.
 

danielwill

New member
Local time
Today, 14:00
Joined
Feb 16, 2024
Messages
2
Installing an SSL certificate on your website is relatively simple, especially if you choose a hosting provider such as GoDaddy that provides SSL certificate installation support.

Here's a general outline of the steps you would typically follow:

Purchase an SSL Certificate:-

If you don't want to spend much money, Let's Encrypt offers free SSL certificates. Many hosting providers, including GoDaddy, provide free SSL certificates or work with Let's Encrypt.

Generate a Certificate Signing Request (CSR):-

This is a file providing the information about your website that you must submit when acquiring or obtaining an SSL certificate. GoDaddy should provide a guidance on how to create a CSR tailored to their platform.

Purchase or Obtain the SSL Certificate:-

If you use a purchased SSL certificate, you must acquire it from a Certificate Authority (CA), such as ssl2buy.com. If you're utilizing Let's Encrypt, you can get your certificate for free.

Install the SSL Certificate:-

GoDaddy should provide documentation or support resources to help you install the SSL certificate on your website. This normally consists of uploading the certificate files and configuring your server to use them.

Update Website URLs to HTTPS:-

Once the SSL certificate is installed and your website is available via HTTPS, you should alter any internal links, scripts, or resources on your site to utilize HTTPS instead of HTTP.

Test Your SSL Installation:-

After installing the SSL certificate, you should test your website with tools such as SSL Labs to confirm that everything is properly configured and that your SSL certificate is genuine.

While it's understandable to be hesitant to pay for an SSL certificate, bear in mind that HTTPS encryption is crucial for security and can boost your website's trustworthiness and search engine ranking. However, if cost is an issue, using a free SSL certificate like Let's Encrypt is a viable choice for securing your website without making a financial investment.
 
Last edited:

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 03:30
Joined
Feb 28, 2001
Messages
27,156
@danielwill - your comments are technically correct, but you were responding to a year-old thread that appears to have been abandoned. Always check the date of the post, which is in the top line of each post.

There is no rule saying that you CAN'T respond to an older post. It happens all the time. But I wanted you to recognize what you did because you get more "bang for the buck" responding to newer posts. Just a fine point about being a member.

But thanks for offering your insight to contribute to the understanding of the forum on this topic.
 

Gasman

Enthusiastic Amateur
Local time
Today, 09:30
Joined
Sep 21, 2011
Messages
14,253
I would also say thank you for the SSL labs name. That allowed me to check my site.
 

Users who are viewing this thread

Top Bottom