The Current SSL Procurement and Setup Process
Obtaining a SSL certificate for a website is considered best practice. Not only do they encrypt all incoming and outgoing data from a website, Google also gives a SEO boost for having one installed on a website. Moreover, visitors to a site feel more comfortable submitting contact forms and completing purchases on sites that boast a SSL certificate.
But not that many sites use SSL. Why?
I have come across 1 solid reason for lack of SSL enabled websites in my 15 years of web development:
SSL certificates are a pain to acquire, install and maintain.
Let me take you through the current process of purchasing and setting up a SSL certificate:
- Request the certificate from a provider: The request process can take anywhere from a couple of hours to a couple of days. Once the request is approved, then the purchase happens.
- The DNS and website owners must independently approve the certificate through clicking an activation link in two separate emails: This isn’t horrible, right? We have all clicked on confirmation links in emails. They are quick and quite efficient. However, the confirmation email might have to be sent to a set email address. What does this mean? GeoTrust, for example, requires that confirmation email be sent to either email@example.com, firstname.lastname@example.org, or email@example.com. If the email address does not exist, you are required to create it.
- Install the certificate: The SSL certificate is emailed to the webmaster in the form of a txt document that must be converted to keys OR installed as a text copy and paste.
- Finished…or are we? SSL certificates are finite and have a set expiration date. The entire process above must be completed about once a year, or once every six months. IF the ssl certificate is not renewed on time, then your site visitors will see the following screen:
No site owners or visitors want to see the screen above. Traffic and engagement drop tremendously during these lapses and it could take multiple days to renew a certificate.
Everyone knows that a secure web is the better web. We offer and advise all of our clients to use a SSL certificate on their site. It’s 110% worth the effort even with all the headaches during the purchase and setup. Now, that old process is about to be retired.
Let’s Encrypt is “a free, automated, and open certificate authority (CA), run for the public’s benefit.” Alliant Studios is now empowered to create, maintain, and renew SSL certificates. So, what does the new process look?
- If you host with Alliant Studios, your site will be issued an SSL certificate at no extra charge.
- The client is not responsible for creating any additional email accounts for potential verification emails.
- The client is not responsible for renewing certificates.
It’s really that simple. And it’s amazing. And it’s a smart reason to have Alliant Studios care for your site.