Fast and reliable hosting,
at the most affordable prices in Uzbekistan
24/7
+99871 200 60 02
+99894 345 60 02
● Sign in
πŸ”’
blog.cat.ssl

Installing SSL on Hosting: Let's Encrypt and Commercial Certificates

02.05.2031
← All articles

An SSL (Secure Sockets Layer) certificate is needed to encrypt the connection between your site and visitors. Without SSL the site runs over http:// and Chrome and Firefox browsers warn "This site is not secure". With SSL it runs over https:// and shows a green padlock.

SSL types

Domain Validated (DV) SSL β€” the cheapest and simplest. Only proves you own the domain. Let's Encrypt (free), Sectigo Positive ($10/year), Comodo PositiveSSL ($15/year).

Organization Validated (OV) SSL β€” the company is also verified. The browser certificate details show the organization name. $50-200/year.

Extended Validation (EV) SSL β€” the strictest verification. The URL bar showed company name in green. $100-500/year.

Wildcard SSL β€” covers all subdomains (*.kompaniyam.uz). $50-200/year.

Free SSL via Let's Encrypt

Since 2016 Let's Encrypt has issued free SSL certificates. In cPanel it's installed automatically (AutoSSL): cPanel β†’ SSL/TLS Status β†’ "Run AutoSSL". SSL is active in 1-2 minutes.

The certificate lasts 90 days, then auto-renews. This is Let's Encrypt's security policy β€” short validity reduces attack risk.

Installing a commercial SSL

After buying SSL from Sectigo, DigiCert, GlobalSign, or similar: 1. Generate the CSR (Certificate Signing Request) β€” cPanel β†’ SSL/TLS β†’ CSR Generator. 2. Send the CSR to the provider. 3. The provider sends back certificate files (certificate.crt, intermediate.crt). 4. In cPanel β†’ SSL/TLS β†’ Install SSL Certificate, install them. 5. The domain's "SSL Status" turns green.

SSL testing and monitoring

SSL Labs (ssllabs.com/ssltest) β€” analyzes SSL configuration. An A+ rating is great. Browser check β€” green padlock, certificate details, expiry date.

Before SSL expiry uptime monitoring (UptimeRobot, Pingdom) should alert you β€” if Let's Encrypt auto-renewal fails, the site is left without SSL.

HTTPS migration

Steps to migrate from HTTP to HTTPS: 1. Install SSL. 2. Change WordPress URL to HTTPS (Settings β†’ General β†’ Site URL). 3. Add HTTP β†’ HTTPS redirect in .htaccess: RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]. 4. Find and fix mixed content (http:// resources to https://).

Sayt.uz practice

Sayt.uz hosting plans install and auto-renew Let's Encrypt SSL β€” every client gets free SSL. For commercial SSL we resell Sectigo and DigiCert (80,000 - 1.5M sum/year). 99% of clients use Let's Encrypt; only 1% buy commercial SSL (mostly banks and large corporations). Tip: for a typical business Let's Encrypt is enough and reliable. There's no reason to pay for EV SSL β€” browsers removed the EV indicator in 2019.

Related articles

⭐ Wildcard SSL β€” one certificate for all subdomains πŸ†“ Let's Encrypt free SSL vs commercial β€” when to use what πŸ” SSL validation β€” Email, HTTP or DNS πŸ”‘ CSR and private key β€” essential SSL files
🌐 Language
πŸ‡ΊπŸ‡Ώ O'zbek πŸ‡ΊπŸ‡Ώ ЎзбСк πŸ‡·πŸ‡Ί Русский πŸ‡¬πŸ‡§ English βœ“