A couple weeks ago, I purchased an SSL certificate for this website.
Why I got an SSL certificate
It’s not as if this website contains any super-secret posts on it. But I realized there was a security hole I needed to fill.
Whenever I travel, or work at a client’s office, I was connecting to my mail server without encryption. Because of that, it’s possible the local network administrator (or anyone who hacked into the network) could record my e-mail account IDs and passwords.
Of course, this doesn’t mean my e-mail is encrypted everywhere on the Internet.
When I send an e-mail, as soon as it gets to my site’s mail server, it continues on unencrypted. And anything sent into my mail server is also unencrypted until I retrieve it.
The only thing the SSL certificate is protecting is my mail accounts’ passwords. But that’s important enough to me to spend the money for it.
How I added an SSL certificate to my site
This site is hosted with HostGator.com. In their administration panel, you can request an SSL certificate for your site.
First, you need to request a static IP for your website. HostGator charges two dollars a month for this. Unfortunately, it looks like you can only set this up with monthly billing. Since I’ve pre-paid for hosting for a couple years, it would be nice to do the same with the static IP address. That would leave me with less to worry about in case my credit card ever has a problem in the future.
Then, you can order the certificate from HostGator’s administration panel for your website.
It takes a little while to get that completed. HostGator send the order to another company, so it isn’t a very ‘hands-off’ process. After placing the order with HostGator, I got an e-mail from the certificate company, had to notify HostGator, and then the certificate could be set up.
It wasn’t 100% smooth.
After the SSL certificate was set up, there was a problem displaying my website. It looked like the CSS wasn’t getting loaded. I sent a support e-mail and received a response that was incorrect and didn’t help. However, a couple hours later, the site was loading properly.
I changed Outlook to use the SSL port when sending and receiving my e-mails. It works fine, except for a warning message that comes up whenever I check my e-mail. All the URLs associated with it are for *.hostgator.com, and my mail is expecting it to be for *.scottlilly.com. All I need to do in Outlook is to accept the certificate each time, but I eventually want to see if that can be changed (once I’ve got some more free time).
So now I feel a little safer about getting my e-mail over a network that might be monitoring and recording its traffic.