Adding an SSL certificate to your domain allows it to be accessed over a secure connection using the HTTPS protocol. This encrypts the data transmitted between a visitor's web browser and your website, ensuring all data transmitted back and forth is safe and secure.
Why add an SSL certificate to my domain?
Avoiding browser warnings
These days, all sites should use an SSL certificate due to the fact that modern web browsers (such as Chrome) display an 'insecure' message if a certificate is not installed when visited.
As time goes on, more and more browsers will require SSL certificates to view your site, so it's recommended that you at least add a free 'Let's Encrypt' certificate to your site.
On November 1, 2018, Comodo announced that the company is rebranding to Sectigo. For more information about this, please see the following announcement at Sectigo's website:
Any Comodo certificate issued after January 2019 will reference Sectigo as the certificate authority, while any certificates issued prior to that will still reference Comodo. These are still the same company, and the only difference is the name.
Most often, SSL certificates are used with e-Commerce websites that sell products/services over the Internet. The SSL certificate is needed to protect the privacy of a visitor's/customer's transmission of personal, confidential, financial, or billing (credit card) information when making a transaction on a web site. For these types of sites, only a paid Sectigo certificate is recommended.
Search ranking boost
Search engines like Google will rank your site slightly higher in results if it has an SSL certificate.
What are the different types of certificates?
SSL certificates differ in the way they are validated. For example:
- DV (Domain validation)
- OV (Organization validation)
- EV (Extended validation)
View the following article for more information about these differences:
Adding an SSL certificate to your domain
View the following article for an overview on how to add different SSL certificates to your domain:
Continually renewing your SSL certificate
All SSL certificates expire. For example, a paid Sectigo certificate is good for one year after you purchase it. At the end of that year, you must renew it to continue protecting your site.
Let's Encrypt certificates expire every three months, however they are configured in the DreamHost panel to auto-renew.
No matter what type of certificate you own, it's important to always keep it active and never let it expire.
Considerations and caveats
The following are a few things you should be aware of before purchasing an SSL certificate.
Google owns the .dev TLD. As part of Google's initiative to secure website connections, .dev domains force HTTPS be default.
The SSL certificates that DreamHost offers through Sectigo or Let's Encrypt do not support wildcard-type (*.example.com) SSL certificates. This means each domain/subdomain that you set up Secure Hosting on requires its own SSL certificate.
Please note that if you attempt to add your own Wildcard certificate, technical support cannot assist in any way with any errors that may occur.
Traffic is not encrypted by default
Adding an SSL certificate to your domain does not automatically encrypt all connections since a visitor can still use http to connect to your site.
For example, if you go to http://example.com, your traffic is not encrypted. Any directory you access under that domain while using HTTP in the URL is also not encrypted. However, if you use HTTPS://example.com, your traffic is encrypted as well as any directory you access.
Note the 'S' in HTTPS. The 'S' character confirms the URL is secure.
To encrypt all traffic, you must add a configuration file to your site. This will force all connections to only use https when connecting. View the following article for instructions on how to force your site to use HTTPS for all connections:
There are a few extra steps for Wordpress sites. View the following article instead if your site is running WordPress:
Is a Unique IP required to use an SSL certificate?
No. In the past, Unique IPs were needed for older browsers which did not support Server Name Indication (SNI), however this is no longer the case. For more information, please see this article on SNI.
- Adding a free Let's Encrypt certificate
- Let's Encrypt SSL certificate overview
- Adding an SSL certificate overview
- CSR overview
- Should I add 'www' to my Sectigo SSL certificate?
- Why does my browser say my site is insecure?
- How much does an SSL certificate cost?
- Renewing your Sectigo SSL certificate
- Force your site to load securely with an .htaccess file
- Force your Nginx website to load securely
- How do I use an SSL certificate with WordPress?