How to Get a Free SSL Certificate (and Why Google is Forcing You To)
Does the idea of improving your search engine rankings and offering your visitors better security sound like something you’re interested in? What if I upped the ante and told you it wouldn’t cost you a penny? SSL certificates secure your website’s connection and boost its rankings in Google. And now, thanks to services like Let’s Encrypt, you can actually get a free SSL certificate for your website.
Yup, all of the benefits of SSL, none of the costs!
In this post, I’m going to dig into what SSL certificates are, how they benefit your site, and how you can get your very own free SSL certificate. Then, I’ll even share a super simple plugin that makes getting set up with SSL on WordPress an absolute breeze.
What is an SSL Certificate?
Have you ever noticed how sometimes websites start with “http://” and then sometimes they start with “https://” and have a green padlock nearby? If you have, you’ve seen the end result of an SSL certificate. But what you haven’t seen is what goes on behind the scenes.
SSL stands for Secure Sockets Layer. Essentially, SSL establishes an encrypted link between your web server and your visitor’s web browser. This ensures that all data passed between the two remains private and secure.
With an unsecured HTTP connection, third-parties can snoop on any traffic passing between your reader’s browser and your web server. Obviously, this is a huge issue if you’re passing sensitive information like credit card numbers.
But nowadays, many entities, including Google, are pushing to use secure HTTPS connections for all traffic, even things you might think are mundane.
Why Do You Need an SSL Certificate?
In the past, the only time an average webmaster needed to care about SSL was eCommerce. But that all changed in late 2014 when Google dropped a bomb:
SSL was going to be rolled out as a ranking factor.
That’s right, sites that use SSL certificates get a boost in the SERPs. It might not be a huge boost, but I think you’ll agree with me that any boost in search rankings is a good one. When I moved my portfolio site to HTTPS, I experienced a notable bump in my search rankings.
But now Google is going even further. Starting in January 2017 (AKA right around the corner), Google will mark“HTTP pages that collect passwords or credit cards as non-secure.” That means your WordPress login page will be marked as non-secure if you’re not using HTTPS. Here’s what that change will look like in Google Chrome:
Use “SSL For Free” to Configure Your Let’s Encrypt Certificate
If your host doesn’t support Let’s Encrypt, you may still be able to get your free SSL certificate by using a website called SSL For Free.
The site will help you configure Let’s Encrypt certificates. But, you will need access to your site’s FTP details and potentially support from your host.
If at all possible, you should try to find a host that offers direct Let’s Encrypt support because it greatly simplifies the process.
Other Free SSL Certificate Options
While Let’s Encrypt is the most popular free option, it’s no longer the only show in town. Here are some other options:
- Cloudflare – Cloudflare offers a shared SSL certificate on their free plan. If you’re already using Cloudflare, this is a great way to get your site up and running with HTTPS.
- FreeSSL – While it’s not publicly available yet, FreeSSL is a free SSL certificate project from Symantec. Nonprofits or startups can get FreeSSL right now. Otherwise, you can sign up to be notified when it goes public.