I run my fair share of websites. I have found the best way to install https certs for free is the certbot tool (I use Ubuntu and Apache).
The simplest way to get started is to get your site viewable with no SSL. Make sure you can go to via https (you'll get a cert warning). Follow the link to the above instructions for your OS and Web Server.
Pro tip: make 3 config for your one site (see below sample for Apache2).
- Port 443 using www; www.yourdomain.com
- Port 443 no www; yourdomain.com
- Port 80 which redirect to one of the above.
Either send the www to the non-www or vice versa and point your non https(port 80) to that one as well
Have certbot make a cert for www and the non-www sites.
Note: Also, you can have as many SSL on one IP as you like.
When certbot is running correctly it will auto install a new cert every year.
The below sample will force all http traffic to https://anotherdomain1234.com/ and the subdomain (www) https://www.anotherdomain1234.com/ to https://anotherdomain1234.com/
you will want a cert for anotherdomain1234.com and www.anotherdomain1234.com this way the redirection does give a cert error to the user.
Sample Apache2 config before certbot:
<VirtualHost *:80>
ServerAdminThis email address is being protected from spambots. You need JavaScript enabled to view it.
ServerName anotherdomain1234.com
ServerAlias *.anotherdomain1234.com
DocumentRoot /var/www/anotherdomain1234.com/public_html
ErrorLog /var/www/anotherdomain1234.com/logs/error.log
CustomLog /var/www/anotherdomain1234.com/logs/access.log combined
RewriteEngine On
Redirect permanent / https://anotherdomain1234.com/
</VirtualHost>
<VirtualHost *:443>
ServerAdminThis email address is being protected from spambots. You need JavaScript enabled to view it.
ServerName anotherdomain1234.com
ServerAlias anotherdomain1234.com
DocumentRoot /var/www/anotherdomain1234.com/public_html
ErrorLog /var/www/anotherdomain1234.com/logs/error.log
CustomLog /var/www/anotherdomain1234.com/logs/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdminThis email address is being protected from spambots. You need JavaScript enabled to view it.
ServerName anotherdomain1234.com
ServerAlias www.anotherdomain1234.com
DocumentRoot /var/www/www.anotherdomain1234.com/public_html
ErrorLog /var/www/www.anotherdomain1234.com/logs/error.log
CustomLog /var/www/www.anotherdomain1234.com/logs/access.log combined
RewriteEngine On
Redirect permanent / https://anotherdomain1234.com/
</VirtualHost>