Ever since the “Big G”- Google announced that websites without HTTPS security will be shown with “not secure” tags on its Google Chrome browser and confirmation that HTTPS is a search engine ranking signal, most website owners now want to implement SSL on their websites but nobody wants to pay the yearly fees paid SSL certificates incur, the good news is that anybody can get a free SSL certificate easily.
SSL means Secure Socket Layer and is a protocol which encrypts data transfer and reception between websites and browsers. SSL Certificates are installed on website hosting servers to implement the SSL protocol. In the past, only websites which collected private user information such as credit card info, login details and others were required to use HTTPS but Google now wants every website to be secure.
Once an SSL certificate is installed properly on a website, the website url changes from HTTP to HTTPS with “S” meaning secure, HTTPS means Secure Hypertext Transfer Protocol.
Why is Google Making SSL Implementation Compulsory?
Websites which do not use HTTPS can be compromised by hackers to sneakily redirect users to malicious similar looking websites where your private information such as credit cards, passwords and other data can be stolen and used for fraud and other crimes, visitors could also be redirected to websites which would download malware and install to the visitors device without the user’s knowledge and this could cause severe damage to individuals and businesses.
SSL Certificates stop all these by showing you “https” in the url and a green padlock sign with a “secure” tag in the browser to tell you that you are visiting the authentic version of that website and not some sneaky similar looking website you have been redirected to for your private information to be stolen.
SSL Certificates increases the trust website visitors have in your website and makes it easier for them to transact business with you. Having an SSL certificate will also boost your Google search engine optimization efforts a bit as it is considered a ranking factor by Google.
Best Free SSL Certificate Companies
Most SSL certificates come at a cost of over $100 yearly which is too much for many website owners, find below the top providers of SSL certificates at absolutely no cost.
- Cloudflare
- LetsEncrypt
- Comodo
- WoSign
1. Cloudflare Free SSL Certificate
Cloudflare is a very popular website security company which is famous for its free and paid CDN – Content Delivery Network and protection from brute force attacks, DDos -Denial of Service attacks and many more serious web security issues.
Cloudflare has a free plan for its offerings and also has paid plans depending on what you need. Cloudflare offers free SSL certificates on all its plans including the free plan. In my opinion, it is the best free SSL certificate service provider available, I use it and it works perfectly, it is also one of the only completely free SSL certificates, most of the others are free for a maximum of 90 days.
To get the free Cloudflare SSL certificate, take the following steps
- Register for a free Cloudflare account
- Connect and Verify your website(s)
- Go to the Crypto Tab on the Cloudflare Dashboard
- Click create certificate on the Origin Certificate tab
- Select “Let Cloudflare generate a private key and CSR”
- Copy the generated Cloudflare private key and Origin Certificate
- Go to your website’s server backend i.e. your web hosting cpanel
- Click SSL/TLS
- Click generate, view, upload or delete private keys
- Go to “upload a new private key” text box
- Paste the Cloudflare private key and save
- Go back to the SSL/TLS page and click generate, view, upload or delete SSL certificates
- Go to “upload a new certificate” textbox
- Paste the Cloudflare Origin Certificate and save
- Go back to SSL Manager
- Select “Manage SSL sites”
- Click “Install an SSL website”
- Click Browse Certificates
- Select your previously uploaded certificate
- Click use certificate
- Choose your domain from the dropdown list
- Click Install
- Go back to Cloudflare Crypto Tab
- Enable “Full” SSL, not “Full Strict” or “Flexible”
- Enable “Always Use HTTPS”
- Enable “Automatic HTTPS rewrites”
And Boom! You’re good to go, refresh your website and see the change from HTTP to HTTPS for all webpages. If the process seems too tedious and technical for you, you can simply ask your web hosting company for help. For more details on how to install the Cloudflare SSL certificate, visit the Cloudflare Help Page.
The SSL certificate Cloudflare provides is okay for all purposes and highly trusted by top websites around the world but if you need to upgrade to a Dedicated SSL Certificate for the “Full Strict” SSL implementation, you can still use Cloudflare to implement it but you would need to buy a paid plan to do so.
You can also used a self signed SSL certificate instead of Cloudflare’s Origin SSL certificate but this is not advised because websites using self signed SSL certificates usually have a “Your connection is not private” browser error scaring away visitors from the website. Cloudflare SSL certificates can be used with all web hosts.
2. LetsEncrpyt Free SSL Certificate
Let’s Encrypt is another very popular free SSL certificate issuing service which boasts of thousands of users across the world.
Lets Encrypt is supported by some big web hosting companies and so is very easy to install on those web hosts, it is a simple one click install process. The SSL certificates offered are trusted certificates and secure.
Lets Encrypt certificates automatically renew every 90 days at no cost, it is completely free.
Popular web hosting companies which support Lets Encrypt currently include Dreamhost, WP Engine, Siteground and others listed here.
The major disadvantage of Let’s Encrypt is that not all major web hosting companies support it but that might change very soon.
3. Comodo Free SSL Certificate
Comodo is one of the biggest and most popular paid SSL certificate issuers but it also offers free SSL certificates valid for only 90 days.
Comodo free SSL certificates have 256 bit encryption and 2048 bit signatures which are the highest levels. It is a trusted SSL certificate and all major web browsers accept it.
4. WoSign Free SSL Certificate
WoSign provides SSL certificates for 2 years completely free to users and hence is one of the few services which give users completely free SSL certificates, most of the others like Comodo are valid for just 3 months after which users have to pay to continue using them.
Other free SSL Certificate providers include:
5. GeoTrust
6. DigiCert
7. Global Sign
8. Symantec
9. Thawte
10. Rapid SSL