Bluehost Free SSL Finally Arrives – Will GoDaddy Follow?

Last updated on

I woke up this morning to the good news that Bluehost free SSL is now available with Let’s Encrypt for ALL its hosting plans – not just WordPress. This is great. I went over to check their website, and it’s true:

Bluehost Free SSL is now available with Let's Encrypt

Going through Twitter, I heard that Hostgator was also in the process of including free AutoSSL, so it seems that all of EIGs companies are finally falling in line. This is great because I’d earlier written a post about traps that hosting companies use to get you to overpay. One of those traps was pretending to have low prices, and then charging outrageous amounts for SSL certificates – which are mandatory these days.

So as Google’s deadline for showing warnings on all non-SSL sites draws closer, expect more and more hosting providers to give up this juicy revenue stream in favor of free SSL certificates.

Best Bluehost Coupon 2019 Deal

Need to make a decision fast? Click below for the maximum discount today.

Note: The $2.95/m deal doesn’t always appear. There’s a trick to making it show. You can even get the Bluehost $2.65 deal if you’re lucky!

Duration: 3 years
Discount: 63% off

Table of Contents:

No More “SSL Unavailable” Messages

There was a time when Bluehost certificate installation wasn’t always a cinch. Before this latest update, customers would often see a message like this:

Bluehost free SSL certificate unavailable

But that was before the magic of Let’s Encrypt and automatic free SSL. From this day forward, you no longer need to spend time with Bluehost support reps to enable SSL certificates on your website. Just follow the instructions below and see the screenshot!

Will my Free SSL Certificate Expire?

No. Let’s Encrypt certificates are automatically renewed without manual intervention. This is great because by default, each cert is only valid for 90 days. This meant that before you had to manually install and re-install Let’s Encrypt certificates every couple of months or so.

But now Bluehost does this on its own. Your free SSL certificates will never expire, and you don’t even need to think about them anymore!

What is Bluehost AutoSSL?

AutoSSL is the cPanel/WHM functionality that automatically installs and renews free Let’s Encrypt certificates every other month. There are two components here:

  1. Let’s Encrypt
  2. AutoSSL

The first is the certificate itself. Before Bluehost AutoSSL integration, you had to manually generate the Let’s Encrypt certificate by logging into your account via SSH and installing it manually. They repeat this process each time your certificate was about to expire.

AutoSSL trivializes this process by doing all the heavy lifting for you. Now that Bluehost offers AutoSSL, customers no longer have to worry about their free SSL certificates expiring!

Does my Free SSL Apply to WordPress as Well?

Yes. SSL certificates are applied to domains or subdomains. It doesn’t matter what application is running inside that domain. So if your free SSL is for “xyz.com”, your WordPress installation at xyz.com will be automatically covered.

GoDaddy However is a Different Story

Ironically, I also saw this while browsing Facebook today:

GoDaddy Still Requires Paid SSL

So while other companies are forging ahead with free SSL, GoDaddy’s buckling down. At $60 a year for the first year, and much more after that, it’s shocking that the company with the largest number of hosting customers hasn’t made the leap to SSL. They’re probably banking on the fact that most small business owners don’t know enough about free SSL options and will take whatever products are pushed onto them.

But how long can this continue? Sooner or later GoDaddy’s gotta cave to pressure and start supporting what every other company is getting on board with – Let’s Encrypt or some other free AutoSSL option.

How Can Bluehost Offer Free SSL? By Installing Let’s Encrypt!

Bluehost now allows you to install free LetsEncrypt certificates for all its shared hosting plans. The set up takes just one click, and is a landmark moment in web hosting. To install, take the following steps:

  1. Log into Bluehost
  2. Go to “My Site” on the left hand side
  3. Hover over your site and click “Manage Site”
  4. Click the “Security” tab
  5. Enable the “Free SSL Certificate” option as shown in the screenshot below:
Enable Bluehost Let's Encrypt Free SSL

The fact that Bluehost is making it so easy to install LetsEncrypt SSL certificates is a big deal. I’ve been beating the drum for a while that it’s 2018 and no one needs to pay for basic SSL. This is where I feel SSL is badly designed. Because it actually does two things that should be separate:

  1. Encrypt data between your site and the users
  2. Verify that your site is indeed a valid business

These two actually have nothing to do with each other. Encrypting all communications between you and your clients is a purely technological solution. It doesn’t require any kind of manual intervention. There’s no reason for it to be expensive. The encryption provided by free SSL solutions like Let’s Encrypt is every bit as strong as those provided by high-end EV certificates.

In fact, even without Let’s Encrypt and AutoSSL, you can convert your site to “HTTPS” and use SSL for free using a service like Cloudflare. When all this can be done automatically, what’s the value in a paid SSL certificate?

Extras your Get by Paying for Bluehost SSL

The money you pay for Bluehost SSL goes into the second step – validation and verification of your business. A basic free SSL solution only verifies that you control the domain name, nothing else. However if you’re an e-commerce site, you might want to inspire as much trust as possible in your customers. To do this, you pay a CA (Certificate Authority) to manually verify that your business is legit, that you have an actual address and phone number and so on and so forth.

It’s this manual verification that’s expensive because it’s carried out by human beings. There’s no shortcut around it. The more you pay for an SSL, the more validation you receive. Sites like banks and Paypal use the highest form of SSL and are thus 100% verified.

Do you Need “Paid” SSL?

But not everyone needs that kind of validation. For a lot of websites, it’s enough to simply encrypt communications so that no one can steal the usernames and passwords of clients. It also ensures that no “man-in-the-middle” attacks can be performed and change your data in transit.

And for now, this is all that Google wants. It’s not looking for high end validation from a CA. So there’s no reason whatsoever to avoid free Bluehost SSL certificates. Let’s Encrypt and AutoSSL will soon be available from all hosting providers. And if GoDaddy refuses to get on board, I think it’s time for you to switch!

About Bhagwad Park

I've been writing about web hosting and WordPress tutorials since 2008. I also create tutorials on Linux server administration, and have a ton of experience with web hosting products. Contact me via e-mail!

Comments

  1. Paid certificates offer higher security.

    Reply

  2. Thanks for this article…it sounds like blogs and basic websites need basic encryption like Bluehost’s free SSL. Any type of financial transactions on the site would suggest paying for a higher degree of SSL encryption, and detailed collections of financial and personal data would require the most expensive SSLs.

    Reply

Speak Your Mind

*