Obtaining an SSL Certificate

Learn how to obtain an SSL certificate and how to install it on your webstore

Introduction


Before reading this guide, we highly recommend you read the Donation Store installation guide. There is no point trying to install an SSL certificate unless those steps have been followed, including setting up your first webstore.

SSL Information and Why It's Important to Have on Donation Store


In all web applications, security is paramount. So much so that HTTP has become old and outdated. This can be reinforced by companies like Google and Mozilla marking all sites that use HTTP as unsafe. This is discouraging for anybody visiting a site, regardless of if you handle sensitive data. Donation Store depends on handling customers information and therefore making sure that said data is kept safe and in the right hands is your responsibility. It is not our responsibility and unfortunately we cannot police and make sure everybody installs SSL, however we can provide the tools to make it as easy as possible.

On a side note, a lot of payment providers won't even allow payments to happen through HTTP. That's why you may see them complaining if you don't use HTTPS. This is not a Donation Store issue but is because your site is not secured.

The Donation Store installation service also includes setting up a SSL certificate on your installation, this can be purchased here. A Donation Store developer will organise a time that suits you and will walk you through the installation on a server of your choice and will also complete the installation

Updating the Environment and Installing Dependencies


Before the certificate is obtained, some software and updates need to be installed. First off, update apt, install common software properties and add the universe repository.

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo apt-get update

If either commands asks to overwrite/fill disk space, enter "y" and then hit enter.

Install Certbot


Cerbot is the tool that we will use to generate the cert and install it into Nginx. To do so, simply install the Nginx version of the tool

sudo apt-get install certbot python3-certbot-nginx

Get SSL Certificate & Install


It is advised to automatically install the certificate. Certbot will generate a certificate, ask you which Nginx configuration you would like to install it onto and then go ahead and install it for you, so you don't have to do anything yourself. To do so, simply run.

sudo certbot --nginx

Replace yourdomain with the domain you want linked to your SSL certificate. If this is for your webstore, it is your webstore's subdomain. E.g: store.donationstore.io

Let's Encrypt will then ask for an email. Enter a valid email that you use, as this is where email notifications will be sent anytime you need to renew the certificate/or when there are problems with your certificate.

Read, then agree to the Let's Encrypt Terms of Service by entering A and then hitting enter.

Make a decision on whether or not you want to share your email, that's up to you!

It will take a few moments to generate your certificate but once done you should get a message saying "Congratulations". Your domain now has an SSL certificate added. Certbot will have added a cron job to automatically renew your certificate so you won't need to run Certbot again unless you change your configuration.


Have Questions? Open a Support Ticket

View Common Issues on the Knowledgebase

Video Guides on YouTube

Other clients and Donation Store developers hang out on our Discord server, where you can ask for support in #ds-chat, or if you are a Client and you don't uet have your Client role on Discord, let us know and we can add it. Once added you get access to our private Client's support channel.