How to get your website HTTPS in just a few simple steps.

Google began prioritizing secure sites in 2014. Since 2018, Chrome has labeled HTTPS sites as not secure. No one wants that!

Beyond not wanting the label and the penalized search engine page ranking, you definitely need a secure site in several instances. GDPR requires an SSL certificate for businesses that store customer data.

Carefully consumers might be wary to hand over their credit card details if your site isn’t secure. So an SSL is a sound business decision in most cases, even if you aren’t required to have one.

Here’s how to get your website to HTTPS status in a few simple steps.



There are three types. Domain validation (DV) offers you a basic encryption level.

The next level is more expensive and harder to get. It is called Organization Validation, and it means that the business is verified as a legal entity. It takes longer to get than a DV SSL.

The highest level of certification, used for entities like banks, is called an Extended Validation. It verifies the government records and independent business listings as well as the identity of the person who wants the SSL. This includes a phone call and can take a while. It is the most expensive option.

You will need to choose your level of validation, but you will also need to choose the type of SSL certificate that will benefit your business.

A DV only works for one website with no subdomains.

A wildcard certificate will cover subdomains.

A multiple domains certificate will cover several domains from one registration.



There are a few ways to get an SSL.


This is by far the simplest way to do things. There are many steps to uploading a third-party SSL certificate. If you buy one from your hosting provider, you can just click a few buttons and be done.

You may find a good deal on a basic SSL if you buy one from your hosting provider. These certificates are good for one year, so consider the long-term cost of working with your hosting provider



You will have some uploading to do if you do this. It’s still worth it, especially if you love working with your hosting provider and they don’t carry SSL certificates.



You can get a free SSL, but they only last three months. These only come in DV form, or Domain Validation form. These will not work for many businesses, but for a small business or someone who doesn’t store user data they will work fine.



Before buying a certificate, be sure that your hosting provider actually supports HTTPS. There are a few that still don’t.

First, pick out your type of domain.

Generate a private encryption key with your host provider. You also need a CSR, or certificate signing request.

Order the SSL from your SSL vendor, and give them the CSR you created.

They will sign it after you go through the verification process.

Download your SSL from their server and upload it to your website.

Manually change your links to relative links, or force redirects to your HTTPS pages. It will take some time for the traffic counts to transfer over to your secure pages.

Set up internal 301 redirects to your HTTPS pages.

Test your SSL certificate on an appropriate website.

Index your new pages with Google.

Make sure to watch for and fix bugs. Errors tend to pop up during the additions of SSL certificates.

And that will do it. Good luck with the setup of your SSL certificate, you’ll be glad you no longer have to see that “Not Secure” notification in the browser.

How Can TLG Help?

Helpful Articles

Scroll to Top