Google recently announced that encrypted websites would contribute to minor quality signals for its algorithm. If you have a VPS or dedicated hosting, you can buy an SSL certificate from a certificate authority and install it on your server. This article explains how to generate a CSR and install an SSL certificate on your website domain.
If you keep up with SEO news, you probably heard that Google recently announced it would use encryption as a minor quality signal for its ranking algorithms. An SSL certificate provides the “HTTPS” functionality you need for taking encrypted customer information and payment processing. With Google’s new changes, website owners are buying certificates and adding them to their sites. If you have a dedicated server or a virtual private server (VPS), you can buy a third-party SSL certificate and install it yourself through Windows Internet Information Services (IIS). This article explains how to create a signing request and install it on your server.
Create the Certificate Signing Request (CSR)
The first step is to create a request. A request or CSR is a plain text file with an encryption key you then send to a certificate authority that sells you an SSL certificate. This key is what you use to encrypt data between your web server and the customer’s browser.
To create a CSR, open Windows IIS on your server. Click the server name in the left panel, and then click “Server Certificates.” In the right panel, click “Create Certificate Request.” A window opens that starts the CSR process.
Type the information you need in the text boxes displayed. Note that these values should match your actual company information. Most SSL certificate companies check this information and verify its accuracy. It’s also important that the domain and URL matches the domain that you’ll be using with the certificate. If you type the information incorrectly, the certificate authority will deny your request or SSL won’t work on your site.
Choose a bit length for the certificate and save the CSR to a text file. You’ll need this text file when you apply for your SSL certificate at any authority.
Install Your SSL Certificate on the Server
After you buy your SSL certificate, it’s time to install it on your server. The certificate authority you order the SSL from sends you a file that you use to install SSL on your server. You might have several domains configured on your Windows server, but you can only use the SSL certificate with the domain you entered when you generated the CSR.
Open Windows IIS again and click “Server Certificates.” Click “Complete Certificate Request” in the right panel. A window pops up asking for the CER file sent to you by the certificate authority. After you choose the CER file on your server, type the domain you’ll use with the file. Again, this domain must match what you used with the CSR. At this point, the SSL certificate is installed, but you must configure your site to use the SSL protocol.
Binding SSL to Your Site
Open your website in IIS and click “Bindings” in the right panel. By default, the HTTP protocol is bound to port 80, but you must add HTTPS and bind the protocol to port 443, which is the port used for SSL.
Click “Add” in the “Bindings” window and select “HTTPS” from the dropdown. Type your domain in the “SSL certificate” text box and ensure “443” is in the port text box. Choose “All Unassigned” in the IP address dropdown unless you have multiple IP addresses assigned to your server. If you have multiple IP addresses assigned and have different websites assigned to these IP addresses, choose the site’s IP address and click “OK” to save the changes.
At this point, your SSL certificate is configured and bound to your website. The last step is to test the certificate. Open a browser window and type your domain name with “HTTPS://” instead of using the HTTP prefix. Your site should open without any errors. The browser should also display a lock indicating that the HTTPS protocol and certificate are working properly (like the one shown for paypal in the image above).