How to Get Free SSL Certificate from FastComet for Your Website

Updated on May 22, 2020

Online security has increased in the past few years mainly thanks to the trust that certificates create. SSL Certificates enable HTTPS and offer complex encryption for the sensitive data on your website which ensures that no information is passed in plain text. Unencrypted data is an easy target for hackers and it can result in stolen accounts or payment details of your clients.

We recommend all sites utilize HTTPS, as it has a lot of additional benefits beyond security. But, is there a price for such convenience? Avoid browser not secure warnings and improve your site's trust and search ranking on Google with an SSL-encrypted website. Below we highlight what an SSL certificate is, how it works, and how to set up SSL with any FastComet plan at no cost. Most other hosted eCommerce solutions or hosting companies will have you purchase and charge you hundreds of dollars every year for an SSL certificate. If you are a small to mid-sized business there is no need to purchase an SSL certificate and pay for its installation. 

In this post, we will cover:

What is an SSL Certificate?

SSL/TLS (Secure Socket Layer) is the standard security technology for establishing an encrypted link called "encryption in transit" between a web server and your browser (using a secure protocol). It encrypts data and communications in the transmission and ensures that all information that is sent is secured (no data sent in plain text). By encrypting and securing any data that passes through this connection you help to prevent any data theft or hacking. Plus, if any data is stolen from this connection it’ll be impossible to decipher since it’s encrypted.

An SSL certificate contains the following information:

  • The certificate holder's name;
  • The certificate's serial number and expiration date;
  • A copy of the certificate holder's public key;
  • The digital signature of the certificate-issuing authority.

Why Do I Need An SSL Certificate?

As the backbone of the secure Internet, SSL protects all sensitive information while it travels across the World Wide Web. Having an SSL Certificate is essential, even if your site does not handle sensitive information about your visitors.

In the past, SSL was commonly used for eCommerce or membership websites only to protect and secure sensitive information, like banking details, credit card numbers, passwords, login information, and sensitive personal information. However, today with stricter privacy standards such as GDPR, almost every website can benefit from installing an SSL certificate to protect any user information.

  • Improve Performance. SSL enables HTTP/2, which has the potential to make websites up to two times faster with no changes to existing codebases. Modern TLS also includes performance-oriented features like session resumption, OCSP stapling, and elliptic curve cryptography that uses smaller keys (resulting in a faster handshake). TLS 1.3 reduces latency even further and removes insecure features of TLS making HTTPS more secure and performant than any previous version of TLS and its non-secure counterpart, HTTP.
  • Grow Search Engine Ranking. Starting from 06/08/2014, HTTPS has been a confirmed Google ranking factor, so getting a small rankings boost is another great reason for switching over to HTTPS.
  • Boost Sales and Conversions. Having such safe encryption will give a big boost to the website credibility and increase your revenue as your clients will trust your website more than your competition's. SSL is an absolute must-have in today's market.
  • Improve Security. SSL certificates are good practice when it comes to website security, especially for websites collecting any form of data—whether that’s credit card data, login credentials, names, addresses, or any other form of Personally Identifiable Information (PII). Using an SSL certificate will prevent any hacker from getting important information stored on your website or transferred via https SSL protocols.
  • Establish Trust. Web browsers give visual cues, such as a lock icon or a green bar, to make sure visitors know when their connection is secured and their sensitive data is safe with you. When they see these cues, this increases their trust and they will be more likely to buy from you. SSL providers will also give you a trust seal that instills more trust in your customers.
  • Comply with Regulatory Requirements. SSL is a key component to satisfy the requirements outlined by the Payment Card Industry Data Security Standards (PCI-DSS).

How to Get Free SSL Certificate from FastComet

Every website should use HTTPS. No matter if you’re a blogger, a small business owner, or a large organization, an SSL certificate protects data flowing to and from your site. At FastComet, we are proud to be a part of the huge community of Technology companies, with the mission to help make the Internet more secure, and widespread adoption of HTTPS is a great step towards achieving this goal.

Taking advantage of FastComet's Free SSL is easy and will ensure your website is safe and your clients can feel secure. Let's Encrypt and GlobalSign SSL are SSL certificates that could be a great alternative to the paid options for your startup website or online project. We offer them for free as a bundled package with our Web hosting plans. We’ll install your SSL certificate, fix redirect errors, and even renew your cert before it expires completely free of charge.

Install Let’s Encrypt SSL Certificates

There are various free SSL Certificate options available on the internet today. The most popular option for free SSL is being spearheaded by the Let’s Encrypt initiative — an open collaboration between a number of global organizations dedicated to creating a more secure and privacy-respecting web by issuing digital certificates needed for sites to secure their network traffic. Millions of companies, nonprofits, and public sector entities use Let’s Encrypt certificates to create a secure connection with Web users all across the world.

The Let’s Encrypt SSL certificate is trusted by all major browsers & devices. Visitors will recognize that their personal data, such as credit cards or emails, are properly encrypted.

Our team was paying close attention to the Let's Encrypt initiative since the very beginning. It is hardcoded into our values to offer our customers cutting edge technological innovations and high-quality assistance and we are extremely proud to be part of the huge Let’s Encrypt community. 

Setting up SSL with our Let’s Encrypt integration is extremely easy. Make sure your domain is pointed to FastComet before proceeding. Additionally, the FastComet team has created a step-by-step tutorial on how to implement a free Let’s Encrypt certificate

Free SSL certificates (Let’s Encrypt) deployed via FastComet are renewed automatically every 90 days.

In 2018, Let’s Encrypt introduced the ability to generate wildcard certificates for domains such as *.domain.com. FastComet was one of the first companies to support their ACME2 (Automated Certificate Management Environment) protocol that provides the ability for users to get free wildcard certificates. In other words, if you had a wildcard certificate for the domain *.domain.com, that single certificate could be used for www.domain.com, blog.domain.com, shop.domain.com, and any other subdomains.

Install Cloudflare Universal SSL Certificate

Cloudflare allows any Internet property to become HTTPS-enabled with the click of a button. 

There are two different arrangements for loading a site over HTTPS: flexible or full (or full strict).

  • Flexible allows an HTTP (unencrypted) connection between Cloudflare and the FastComet servers and does not require an SSL certificate.
  • Full requires an HTTPS (encrypted) connection between Cloudflare and the FastComet servers. 

The option you are looking for here is Flexible SSL. The Flexible SSL option allows a secure HTTPS connection between your visitor and Cloudflare but forces Cloudflare to connect to your origin web server over unencrypted HTTP. An SSL certificate is not required on your origin web server and your visitors will still see the site as being HTTPS enabled.

Install GlobalSign Private SSL

With FastComet, you can also get your free Private SSL - GlobalSign. Along with FastCloud Plus, you get one year of free GlobalSign service subscription as a bonus to the hosting service. Being on our FastCloud Extra plan would provide you with a free GlobalSign Private SSL for as long as you keep your FastComet services active. The SSL is private and is assigned to your domain. It will cover all of the subfolders so you can safely configure it on your website. 

To request the installation of the GlobalSign SSL certificate, you can simply post a ticket to our Technical Support team via your Client Area. Note that we are using the latest cPanel release on all our shared hosting servers. It provides SNI (Server Name Indicator) support, which means that there is no longer the need for a dedicated IP address on your account so the SSL certificate can work. Once you request the installation, our technical support team will complete it for you and there will be no downtime for your website. 

How to Achieve SSL Labs A+ Grade with FastComet?

SSL/TLS, when implemented correctly, is a vital technology to secure user data when it is in transit between the user's browser and the website server. For full coverage, a website should also be using HSTS to protect against protocol downgrade attacks and cookie hijacking.

Supporting the HTTP Strict Transport Security (HSTS) protocol is one of the easiest ways to better secure your website, API, or mobile application. HSTS is an extension to the HTTP protocol that forces clients to use secure connections for every request to your origin server. FastComet provides HSTS support on all our Shared Web Hosting packages with just a couple of clicks. To implement HSTS for your website, you must have a valid SSL Certificate. If you employ subdomains in your content structure, you will need a Wildcard Certificate to cover HTTPS only. Alternatively, you’re pretty safe with a Domain Validated, Organization Validated, or Extended Validation SSL Certificate. Make sure you have these installed and working correctly. Just a quick reminder that we fully support Let’s Encrypt Wildcard certificates. Using the Free Lets’ Encrypt Wildcard certificate makes the setup and maintenance of websites with subdomains much easier, as they can now be encrypted with a single certificate.

Having HSTS enabled for your website, web browsers automatically change any insecure requests (HTTP://) to secure requests (https://). Web browsers recognize this header, and then take care of the rest without any further intervention on your part. Not only does HTTP Strict Transport Security (HSTS) help you get an A+ SSL rating from SSL Labs, it will help protect your website against two primary types of man-in-the-middle attacks (MitM): protocol downgrade attacks and cookie hijacking. To see if your SSL certificate is working properly, head over to SSL Labs, fill in your domain name, and see what kind of score you get.

How to Avoid Mixed Content Warnings – Not Secure

It is important to set up SSL correctly without mixed content that may compromise security. Mixed content happens when resources on the page (such as  URLs of the images) are not loaded using the HTTPS protocol. Furthermore, even if a single URL still loads using the insecure HTTP protocol, then browsers will treat your entire website as not fully secure.

Fixing mixed content can be a tricky process, and is often the main cause why websites with valid SSL certificates have errors next to their padlock icon. FastComet customers can leverage our Tech support team for Free SSL installation, ongoing management, and support. 

Conclusion

SSL/TLS, when implemented correctly, is a vital technology to secure user data when it is in transit between the user's browser and the website server. For full coverage, a website should also be using HSTS to protect against protocol downgrade attacks and cookie hijacking. SSL certificates can be obtained for free and implemented in minutes through technologies such as Let’s Encrypt and Cloudflare, bundled with FastComet’s web hosting plans.

We hope you find this article useful. Discover more about FastCloud - the top-rated Hosting Solutions for personal and small business websites in four consecutive years by the HostAdvice Community!

SSD Cloud Hosting

  • Free Domain Transfer
  • 24/7 Technical Support
  • Fast SSD Storage
  • Hack-free Protection
  • Free Script Installation
  • Free Website Transfer
  • Free Cloudflare CDN
  • Immediate Activation
View More