This article provides a basic understanding of what HTTPS is, how to add SSL support to your website via cPanel and how it impacts Aimtell.
What the heck is HTTPS/SSL?
We’ve all heard the seen the movies – hackers taking control of computers, cars and even nuclear powerplants. They pull out their mobile device and instantly grab the credit card numbers of unsuspecting passerbys. While these scenarios are generally quite exaggerated, the reality is that most of these scenarios are based on some sort of reality.
In commercial website applications, a standard known as HTTPS has come to serve as a layer of protection for consumers from scenarios such as those above. With HTTPS all traffic between the server and visitor is encrypted. That means even if a malicious user tried to listen in on the traffic between you and another website all they would get is illegible jargon. HTTPS essentially means to serve HTTP(web traffic) over SSL(an encryption technique).
How can I tell if a site supports HTTPS?
Whenever you are browsing a website take a quick look at the address bar and look for “HTTPS” in the url bar. Most browsers will highlight the text and place a padlock icon next to it. You may also notice some sites with their company name next to the lock, this simply means the site took additional authentication steps when installing SSL on their website.
What does HTTPS have to do with Aimtell?
In order to take full advantage of Web Push Notifications we recommend that you make sure your website supports HTTPS. Unlike Safari, Google requires HTTPS to send web push notifications in an effort to increase the level of web security. If your site doesn’t support HTTPS you can still support push on browsers such as Safari, but not on Chrome.
Enough chit-chat, show me how its done!
The following shows how to install an SSL certificate via cPanel.
Step 1. Generating a new CSR
Log into your cPanel account and scroll down to the “SSL/TLS” section of your account. Once there, select “Generate a New Certificate Signing Request (CSR)” and enter the details in the fields. Note: unless you selected a wildcard subdomain SSL (meaning you can install the certificate on any subdomain i.e. subone.website.com, subtwo.website.com), you should only be entering in one domain in the domain field.
Once you hit submit you will receive your CSR request. Keep this handy as we will need it in just a few steps.
Step 2. Purchase the SSL Certificate
In this example we used gogetssl to purchase our SSL certificate. There are many options out there, we simply used this due to its low price point. Simply head to their website and follow their steps on purchasing your SSL.
Once your order is complete login and view your pending SSL certificate.
Step 3. Submit your CSR
The set up wizard is fairly self explanatory – for most users you will leave your web server software as “Apache” and the signature algorithm as “SHA2”. Here you will also be able to paste in your CSR for step #2.
After you have followed the steps and submitted your CSR, you may get an email asking you to verify domain ownership. Simply copy and paste your validation code in the links provided.
Step 4. Download CRT File
After you have completed all the verification steps, you should receive an email containing your newly issued CRT and Bundle File. You’ll need the CRT file momentarily so be sure to make note on where you saved it. If you did not receive an email, try logging into the gogetssl dashboard and downloading it from there.
Step 5. Upload CRT to cPanel
Load up cPanel again and head to SSL/TLS > Certificates and upload your newly issued certificate.
Step 6. Install SSL Certificate
Once you've uploaded your .crt, head back to the cPanel dashboard and look for WebHostManager(WHM). Inside the WHM you will find a section titled "SSL/TLS" within the side navigation. Click the link install SSL certificate on a domain and then click "Browse Certificates". Select your previously uploaded certificate and click use certificate. Afterwards, click install and voila - you are all set!
For those curious on how to install SSL certificates manually on Linux - stay tuned!