What is an SSL certificate, and how do I get one?
It’s possible to use SSL security for your website on our servers. Doing so allows you to display secure, encrypted pages to your visitors.
You’ve probably seen SSL security in action when you purchased something online: your Web browser activates the “lock” icon and tells you that your connection is secure. Encrypted pages are used to submit credit card numbers, passwords, and other sensitive information.
To use SSL security on your website, you need what’s called an “SSL certificate”. The SSL certificate serves two purposes: it allows your visitors to encrypt the information they send to your website, and it proves your identity to visitors.
On this page:
- Getting an SSL certificate
- Why doesn’t my browser say my site is secure after I get a certificate?
- What browsers do Let’s Encrypt certificates work with?
- Limitations of free Let’s Encrypt certificates
- A reminder about credit card number security
- Can I get an Extended Validation (EV) SSL certificate?
- Can I use third-party SSL certificates on my site?
- Does Tiger Technologies offer SSL certificates for use on other servers?
Getting an SSL certificate
SSL certificates used to be expensive, but we now provide free certificates from an organization called Let’s Encrypt, which is sponsored by Google, Mozilla, the Electronic Frontier Foundation, and others.
We automatically obtain, install and renew a Let’s Encrypt certificate for all hosting customers where possible. You can verify that it’s been issued by logging in to the “My Account” control panel and clicking SSL Certificate.
There may be rare cases that we weren’t able to automatically add a SSL certificate for you, such as when you use third-party DNS servers. In those cases, that same page will help you get a certificate.
Why doesn’t my browser say my site is secure after I get a certificate?
After you get an SSL certificate, you may need to make sure the URLs of your site are set to use secure “https” links.
What browsers do Let’s Encrypt certificates work with?
The free Let’s Encrypt certificate, installed on a free shared IP address, should work for visitors using any popular desktop browser and operating system released in 2007 and later, or any mobile browser and operating system released in 2010 and later. This covers almost everyone.
The certificate can also work with older browsers, notably Internet Explorer 6 and other browsers running on Windows XP, if you do two extra things:
- Purchase a dedicated IP address so that the certificate works even when the browser doesn’t use Server Name Indication; and
- Enable SSLv3, which is not usually recommended because it reduces security. (Most credit card companies won’t allow this, and therefore won’t allow you to accept credit card numbers from people using Windows XP at all.)
Limitations of free Let’s Encrypt certificates
In a very small number of cases, a free Let’s Encrypt certificate may not be appropriate. We also offer paid AlphaSSL certificates that:
- Can be installed for your site even if the DNS doesn’t yet point at our servers;
- Can work with some unusual SSL client software, including direct connections from Java applets.
Other than these differences, AlphaSSL certificates work identically to Let’s Encrypt certificates.
AlphaSSL certificates cost $2.00 per month for a basic certificate and $5.00 per month for a wildcard certificate. If you want to order one of these, please contact us instead of using the “My Account” Let’s Encrypt certificate order form.
A reminder about credit card number security
When you use an SSL certificate to collect credit card numbers, remember that it only protects the visitor’s card number as it passes between his or her Web browser and your site. It does not help you securely store credit card numbers in a file or a database on the Web server, nor does it send the card numbers to you securely afterwards. Be sure your e-commerce system handles that end of the transaction in a secure manner (usually by using encryption to safely forward the data to another server at your credit card company).
Can I get an Extended Validation (EV) SSL certificate?
We don’t currently offer Extended Validation (EV) certificates, which require stricter checking (including review of your business records).
However, if you buy an EV certificate from another SSL company, we can usually install it on our servers for your site, as described below.
Can I use third-party SSL certificates on my site?
If another company has provided you with an SSL certificate that you want to use instead of a Let’s Encrypt certificate, we can usually install it for you at no extra charge. You’ll need to provide us with:
- the private key file;
- the certificate file; and
- any “intermediate certificate” files.
In addition, the key file must not require a password to be entered when the web server is started.
Does Tiger Technologies offer SSL certificates for use on other servers?
No. We only provide SSL certificates for website hostnames that are directly hosted on our Web servers. We don’t sell or provide certificates for use with other servers.
If you need a certificate for other servers, you can probably get them yourself from the Let’s Encrypt service, completely unrelated to us.