Why should I care about “SSL”?
On October 1st 2011 Facebook made it mandatory for all Facebook Apps to be hosted on a secured server in order to protect the users’ privacy when viewing Facebook apps.
This means that if a Facebook user is trying to access a Facebook App that is not hosted on a secured server, the user that are browsing with a secured connection will not be able to access the application. Only Facebook users haven’t enabled secured browsing will be able to see these applications.
In other words, if you don’t host your pages at a secured server you will lose potential viewers and consequently even possible sales/leads. By installing a SSL certificate we make sure all Facebook users will be able to see our Facebook Apps & Pages.
What is SSL?
SSL (or Secure Sockets Layer) is a protocol that provides secure communication on the Internet. You might recognize it from when you log into your bank account or when you are sending money via PayPal. Almost anything that involves money exchange online is usually done over SSL.
When you visit a website that starts with https:// (instead of http://) you are looking at that website through a secured connection. The only way to make that happen is by installing a SSL Certificate at your webhost / website.
Unfortunately there are some downsides to SSL certificates:
– It can be a bit tricky to install for non-technical people.
– SSL License are quite expensive (GoDaddy’s SSL certificates range from
$69.99 up to $199.99 per year)
The main purpose of this guide is to show you how to get a free SSL Certificate (instead of paying for it every year).
We’ll also point you in the right direction of installing the SSL certificate, but this may differ for your hosting situation. If you’re not comfortable installing it yourself, we recommend asking your webhost who should be able to install it in no-time.
What will the SSL Certificate actually do?
Simply put the SSL Certificate makes sure that your domain is not only accessible by http://yourdomain.com, but also through https://yourdomain.com (notice the http VS https). The HTTPS tells us that the data is transferred through a secured line – which is exactly what we need to create our own Facebook Apps (and thus custom Fan Page Tabs or Pages).
Step 1: Creating an StartSSL account
We’re going to request our free SSL certificate at http://www.startssl.com, so go
ahead and open the website. Click on “Control Panel” in the top-right corner, and then click on “the Sign Up” icon that appears.
Enter all your details and press “Continue“.
You will now receive an email with a verification code to verify your email address. Go to your email inbox, open that email and copy-paste the verification code to the StartSSL.com-website. Press “continue” to proceed. You will now see a message called “Generate Private Key“. Click “Continue” to proceed. This will install a certificate to your browser so you don’t have to log in on the StartSSL-website in the future. This is not the SSL-certificate yet
You will now see a message called “Install Certificate“. Press “Install” to continue, where after you can click “Finish” to finish your account. At this point you’ll have a StartSSL.com-account
Step 2: Verify ownership of the domain
Click on the tab “Validations Wizard” so we can start validating that we actually own the domain name that we want to create a SSL certificate for. Select “Domain Name Validation” and press Continue. Enter the domain name where you will be hosting your Facebook pages on and press “Continue“. At this point you can select an email address that will be used to verify that you are actually the owner of the domain name. Before you select an email address and continue to the next page, you should make sure that the email address actually exists. If it doesn’t exist yet – create that email address in your web host panel (e.g. Plesk, Direct Admin, WHM etc).