How to Setup SSL (https) for Voluum Tracking Links in Cpanel
In my earlier articles, I have showed you how to setup your voluum campaign and how to use custom domain for voluum tracking links. Now, I am going to show you how to install SSL for your voluum custom domain, because many affiliate networks don’t usually accept non-SSL or non-https postback URL. They only allow you to use secure postback URL. For this, you need to have a SSL certificate installed in your webserver for your domain, and just you can’t just use https without buying and installing the SSL certificate from trusted providers. Today, I am going to show you how to do that.
What is SSL?
SSL stands for Secure Sockets Layer, which enables to establish a secure encrypted link between the webserver and the user accessing the site. Usually the link is between the webserver and the web browser like (Google Chrome, Mozilla Firefox etc.). To setup a SSL for your domain, you need to get a SSL certificate from Certificate authorities like Comodo, Symantic, Thawte etc. You can also use self-signed certificates, but use of self-signed certificates will display a warning message to your users when they access your https site. In order to gain trust from your users, it is advised to use the certificate from trusted certificate authority who will provide a verified SSL certificate.
What are SSL Certificates?
SSL certificates are nothing but digital files which contains encrypted data of the organization or your company details bind with a cryptographic key. When a SSL certificate was installed on a webserver for a domain, Users can establish an encrypted connection over https protocol. This certificate will helps in activating a padlock between the webserver and the user’s browser. Usually, SSL’s are used when doing secure transactions like credit card payments or other bank transactions.
So, when you browse websites which are not https, the data you send out is unencrypted and it is possible to attackers to sniff your traffic and get your submitted data. That’s why credit card transactions always go through https protocol only. This way, your submitted data will be encrypted and also the data will get a padlock which only can be viewed if you have the corresponding public or private key. So, without the key and also with the encryption of data, no one can do anything with your data. For people who use non-https url for submitting their data, their data moves from his computer to the remote webserver without any encryption. And the attackers can easily sniff your traffic and can get your data.
SSL certificates are created by using RSA private key and public key and the data encrypted by any of the key can be accessed by the other. Usually, when creating an SSL certificate, you need to generate a private key and CSR (Certificate Signing Request) and submit them to certifying authority who will then issue SSL certificate. Your company’s identity can be verified with its corresponding public key ensuring that the data only could have come from the server.
Self-signed SSL certificates:
You can create your own SSL certificates which are called as self-signed certificates. Anyone can create their own SSL certificates with openssl using their Cpanel or Linux Shell. But it will not prove you that the connection established is an authenticated connection to the user from your webserver, means it will display a warning message to the user like as shown in the below.
Warning message in Internet Explorer
Warning message in Mozilla Firefox
Warning message in Google Chrome
You won’t get this error message if you install a certificate which was purchased from a certificate issuing authority.
You will get this error message because, anyone can create self-signed SSL, but it was not verified by trusted certificate authority. So, even the hackers can fake it by creating their own SSL and try to resemble your company. So, getting a certificate from the certified authority will prove you to the user that your company is legit and he is dealing directly with your website in encrypted mode. Though, self-signed certificates can establish an encrypted connection, but it won’t prove that, the customer is dealing directly with your organization.
Anyways, heading back to the actual topic, setting up SSL:
It involves the following steps
- Generate a Private key
- Generate a CSR (Certificate Signing Request)
- Buy an SSL certificate from certified authorities like Comodo, Thawte etc.
- Send them your CSR and they will send you the certified Certificate file.
- Install the certificate along with the private key in your Cpanel.
Step 1: How to Generate a Private Key
You can generate your private key, by logging into your Cpanel. After you have logged into your Cpanel, Go to Security tab, in that you can find SSL/TLS Manager.
Click on SSL/TLS Manager to generate your private key.
Now, click on Generate under Private Keys (KEY)
Now, click on Generate to generate your private key.
Finally, this is how your Private Key will look like
Step 2: How to Generate CSR (Certificate Signing Request)
In order to Generate CSR, click on Generate under Certificate Signing Request (CSR) in your SSL/TLS Manager.
After, that, it will ask you to enter details about your company. Enter those details and click on Generate to generate your CSR.
Do not enter passphrase when entering your details for CSR. Otherwise it will prompt for password whenever you restart your server.
Click on Generate after entering your details, it will generate your CSR. See below for an example
Step 3: Buying SSL from Certificate Authority
Before you buy SSL certificate, you must know the types of certificates available.
- Domain validated SSL certificates
- Organization Validated SSL Certificates
- Extended Validated SSL Certificates
- Single Domain Name SSL Certificates
- Wild Card SSL Certificates
- Multiple Domain Name SSL Certificates
Domain Validated SSL Certificates: Buying Domain validated SSL certificates is pretty use, you just need to visit the certificate authority website and choose a package and buy it. They will verify your domain ownership through email by asking you to upload a small html file in your domain’s root folder and once you have verified your domain’s ownership, you will be issued with a certificate in the form of .crt file.
Organization Validated SSL Certificates: These type of certificates are for organizations like Google, Amazon and other companies. Verification for issuing certificate for organizations include verification of the company’s location. So, issuing of organization validated SSL certificate may be little longer than domain validated certificates.
Extended Validated SSL Certificates: Issuing of extended validated SSL certificate maybe a lengthy process, because, the issuing authority will verify the physical existence of business along with domain ownership and also, it verifies the legal existence of the organization. The issuing authority also verifies whether the company is aware of the request for SSL certificate and then approves and issue the certificate.
Single Domain name SSL certificate: Every marketer should need to aware of this info. Most of the SSL certificates you get under $10 – $50 are single domain name SSL certificates which means, the certificate is only valid for www or your root domain.
You cannot use the same SSL for sub domains like
So, if you are using a sub domain for your tracking purposes, you need to make sure which SSL certificate are you buying.
Wild Card SSL Certificates: Affiliate marketers who plan on installing voluum on subdomain like track.yourdomain.com, should need to buy Wild Card SSL Certificate. Because, you can able to use this certificate in multiple sub domains. Unlike Single domain name SSL certificate, you can use this in all of your sub domains.
Multiple Domain Name SSL Certificates: With multiple domain name SSL Certificate, you can use this certificate in unlimited domain names. If you have a network of websites which are registered under single organization, you can use this kind of SSL certificate for your needs.
For most of us, we only need either Single domain name SSL certificate or Wild Card SSL certificate. Since, I installed my voluum in track.mydomain.com
So, I need to get a wild card SSL certificate, in order to use SSL in my tracking.
Step 3: Buying a SSL Certificate
Now, I am going to buy a wild card SSL certificate.
There are many providers for SSL certificates which you can find by doing a simple Google Search for SSL certificates. Choose the one you want.
I am going to buy it from SSLS.com.
Step 4: Sending your CSR (Certificate Signing Request)
After you paid for the SSL certificate, you will get an email from them asking you to upload your CSR.
Once, you have uploaded your CSR to them, they will issue your SSL certificate authorized by them.
Step 5: Installing your SSL certificate
After, you got your certificate, go to your Cpanel > Security > SSL/TLS Manager
Click on Upload Certificates under Certificates (CRT)
And, now upload your .crt file using the Certificate uploader which you have got from your SSL provider.
That’s it. You have installed your SSL certificate for you domain. Now, you can able to access your domain through https protocol.
If you have bought a wild card SSL, then you can able to access all the sub domains using https protocol.
Now, for voluum postback URLS, just place https instead of http in your postback URLS. Everything will work smoothly thereafter.
You can use the same procedure for installing SSL for your CPV lab or any other tracking software.