The Internet is filled with all types of websites, be it blogs, entertainment sites, or eCommerce websites. One thing that is common with all these types of websites is the need for privacy and security. More so, when it comes to e-commerce portals, where sensitive customer details like Payment Information (Credit Card or Address) are transferred.
One of the giants when it comes to online payment processing is, PayPal. I’m sure you’ve heard of this website if you are an online store owner.
In a recent notice, PayPal has decided to take a stringent stance towards web security and online privacy. In the process, they’ve come up with some rigid policies to their online payment gateway service.
Here is the gist of it all.
“Make sure your website uses ‘HTTPs’ while connecting to PayPal services. i.e Install a reliable SSL certificate on your website”
Source: PayPal Knowledge
So, if you have implemented PayPal payment gateway on your website, you need to move your site to HTTPs if you want to proceed with hassle-free payments.
So All You Need is an SSL Certificate?
Well, kind of, But…
Installing an SSL Certificate on your website seems to be the logical path to follow when it comes to securing your website and it is true.
But here is the catch, just installing an SSL certificate might not necessarily make your website secure or ‘PayPal acceptable’.
There are several steps that need to be followed in order to have a fully functional SSL on your site. These include everything from manual changes to complete website testing.
My WebHost is Offering Free SSL Installation
Many Shared and Dedicated Webhosting providers offer Free SSL setup with their plans. This is done so as to lure customers in for a quick sale.
The quality of these free services, therefore, aren’t up to the mark. Most of these providers perform just these steps in order to setup an SSL.
- Generate CSR (Certificate Signing Request).
- Send CSR to CA (Certificate Authority).
- Install Certificate.
While these are the basic steps needed to install an SSL certificate, without thorough testing, a few common problems are bound to arise, such as:
- Site not getting redirected to HTTPS.
- URL Bar not showing Green Status.
- URL Bar not showing the Secure “lock” icon.
All of these issues can cause PayPal to not accept your website as a secure destination to redirect users to.
What Should be Done?
Getting your website SSL ready is a no easy task, especially when you are not aware of the various steps that need to be taken.
Here is an overview of what goes into setting up SSL on your website.
- Load all your website elements (JS,CSS, Images) through your HTTPs version.
- Replace every instance of your HTTP URL with your HTTPs counterpart.
- Apply proper 301 redirects, keeping in mind the SEO implications.
- Generate your CSR.
- Send CSR to CA.
- Install the resultant certificate.
- Check your SSL grading over at ssllabs.com
- Add the HTTPs instance to your Google Webmaster Tools.
- Update your Google Analytics code.
- Testing every link manually to check if it works.
I know all of this can be overwhelming, in fact, it can take up to 12+ hours to complete the entire setup. But this is necessary to future proof your website. There is a hint that, in the upcoming months, 2Checkout might also ask for SSL certificates.
Looking for someone to help you with SSL Setup? Contact Us.
Leave a Reply