Home > BigCommerce > Docs > How to install SSL certificate for BigCommerce? Free & Paid SSL

How to install SSL certificate for BigCommerce? Free & Paid SSL

Last updated: May 01, 2024
This article has been written and researched by our expert Avada through a precise methodology. Learn more about our methodology





A trustworthy authority issues an SSL, or Secure Sockets Layer, certificate for a particular domain or subdomain. It validates that a secure website is securely encrypted, meaning that all knowledge exchanged between a customer and the platform is secure. Having an encrypted store increases shopper interest, which increases conversion rates. BigCommerce offers three choices for receiving an SSL certificate for your personalized domain. You may use our free dedicated SSL certificate, buy an SSL certificate from BigCommerce, or add a third-party SSL certificate on those plans.

This article will walk you through creating a CSR code and adding an SSL Certificate on BigCommerce. You’ll also read some fascinating details about BigCommerce, as well as where to get the right SSL Credential for your BigCommerce site.

What is an SSL certificate?

SSL is a standard used to encrypt Internet traffic and check server identity. Its imporved version is TLS. SSL is used for every website with an HTTPS domain address.

SSL credentials contain the following:

  • The domain name for which the certificate was issued Which individual, entity, or computer obtained it Which certificate authority issued it
  • The digital signature of the certificate authority
  • Subdomains that are connected
  • The certificate’s problem date
  • The certificate’s expiration date
  • The general public main (the private key is kept secret)

SSL’s public and private keys are simply long strings of characters that are used to encrypt and decrypt info. Only the private key will decrypt data encrypted with the public key and vice versa.

Why is an SSL certificate needed for websites?

An SSL certificate is required for a website in order to protect user data, verify website ownership, prevent attackers from producing a false version of the site, and obtain user confidence.

SSL encryption: is possible due to the public-private key pairing that SSL certificates allow. Clients (such as web browsers) receive the public key needed to open a TLS link from the server’s SSL certificate.

Authentication: SSL certificates ensure that a client is communicating with the right server that owns the domain. This aids in the prevention of domain spoofing and other types of threats.

HTTPS: An SSL certificate is needed for an HTTPS web address, particularly essential for businesses. HTTPS is the protected version of HTTP, and HTTPS websites get their traffic secured via SSL.

In addition to protecting consumer data in transit, HTTPS allows websites more trustworthy in the eyes of the user. Many users would not note the difference between an http:// and a https:// domain address, although several browsers also begun to flag HTTP pages as “not safe” in more visible ways, to provide an impetus for moving to HTTPS and increasing protection.

How to install a Free Bigcommerce SSL certificate?

You should mount an SSL certificate from a third-party certificate issuer whether you have a Pro or Enterprise plan. For a third-party SSL certificate, you may produce a CSR (Certificate Signing Request) in BigCommerce, which will provide the SSL certificate vendor with the details needed to produce a functioning SSL certificate.

If you have a Regular or Plus package, you can use the free SSL certificate that is automatically allowed or buy one from BigCommerce.

Generating a CSR (Certificate Signing Request)

Until creating an SSL certificate, you must create a CSR (Certificate Signing Request) to provide to your third-party certificate issuer. The CSR includes the store and server details required for the SSL certificate to be successfully installed.

  1. Log in as the Shop Owner and navigate to Server Settings, SSL Certificate.

  2. Select Generate a CSR from the drop-down menu.

install a Free Bigcommerce SSL certificate

  1. Fill in the blanks with the necessary detail, then press Generate CSR.

install a Free Bigcommerce SSL certificate

  • Approver Email — the email address is chosen from the drop-down menu to authorize the SSL order. To complete the SSL installation, you must have access to this email address.
  • Common Name (CN) — the completely qualified domain name that you choose to register (selected in Step 2)
  • Organization Designation (O) — a company’s official incorporated identity. All suffixes, such as Ltd., Inc., or Corp., should be used.
  • Organizational Unit (OU) — the name of the department (e.g. HR, Finance, IT)
  • Locale (L) — town or area (e.g. Austin, San Francisco, Sydney)
  • State/Province (S) — a state, a province, a city, or a county.
  • Country Code (C) — the two-letter ISO code for the country on which the company is based (e.g. US, CA, GB)
  1. The CSR will be given to you on the following tab. Copy the whole block of text, including the lines that include ——-BEGIN CERTIFICATE REQUEST——- and ——-END CERTIFICATE REQUEST——-, by clicking anywhere throughout the box.

install a Free Bigcommerce SSL certificate

The created CSR will also be emailed to the store owner’s email address. The subject line of the message would be A new CSR has been created for your SSL certificate.

Generating and Installing the SSL Certificate

Using the CSR from the previous segment, you can now create your SSL certificate for your third-party provider. If you already have the SSL certificate before obtaining the CSR, email your SSL certificate issuer for instructions on reissuing the SSL certificate.

  1. Forward the CSR you copied in the previous step to the certificate issuer.

  2. After installing your SSL license, use the following settings:

Form of server - Apache or Apache Mod (HTTP) Hash - SHA-2 (SHA 256) Bit power - 4096-byte or 2048-bit

  1. You can obtain two files: the SSL certificate and an intermediate certificate package. You can obtain two files: the SSL certificate and an intermediate certificate package. If you get them in a zipped disk, unzip them on your monitor before continuing.

  2. Use a text editor, such as Notepad or TextEdit, to open the certificates. You would likely need to open the text editor first and then navigate to your certificate folders. Make a copy of the SSL license, including the lines containing ——-BEGIN CERTIFICATE——- and ——-END CERTIFICATE——- are also needed.

Generating and Installing the SSL Certificate

  1. Return to Server Settings, SSL Certificate in the BigCommerce control panel, then press Install a 3rd party SSL.

Setup a Third-Party SLL.

  1. Paste the SSL Certificates into the related areas. Make sure there are no gaps before or after the dashes at the beginning and end of the certificate.

SSL Certificate — the SSL certificate; it will not be branded as a package, CA, or intermediate certificate. Intermediate Certificate — an SSL certificate called a package, CA, or intermediate that can include several blocks of code.

  1. Choose Install ssl certificate from the drop-down menu.

Setup an SSL Certificate

It will take around 20 minutes to install your SSL license. After that, you should use the resources mentioned below to ensure that everything was configured correctly.

Free or Paid Bigcommerce ssl certificate plans?

There are two types of free SSL certs. Self-Signed Certificates are those that do not need the signature of a Certificate Authority. They are directly signed by the issuer. The second form of free SSL certificate available on the market, on the other hand, is signed by a Certificate Authority (CA). A free SSL certificate has the same degree of encryption as a paying SSL certificate in terms of security.

It is important to pay to get these certificates placed on a website. A trusted credential authority issues and signs a paying certificate (CA). You may receive it either from the Certificate Authority’s website or from third-party companies classified as “Resellers.”

In terms of security, a free SSL certificate offers the same degree of protection as a paying one. You might be asking yourself, “Why should I pay for the same credential when I can get it for free?”

There are several important variations between the two.

Different SSL cost, which is for you?

SSL certificate may have plenty of versions and plans, which lead to different SSL cost and functions. There are some differences between some basic functions of different SSL certificate versions and plans, may be paid or free.

SSL Certificate Form

Only Domain Validation (DV) is available for free SSL certificates. DV certificates are only required to provide simple authentication. They are typically used for forums such as tiny websites and blogs. Organization Validation (OV) and Extended Validation (EV) certificates are not available for free SSL certificates. In contrast, paying SSL certificates to provide OV and EV choices, which are critical for securing company websites.

Validation Level

CA does not validate anything other than the website owner’s name when it comes to checking a website owner’s company information before awarding a free certificate. Although in the case of paying SSL certificates, verification of the website owner’s identification is required before awarding the certificate to the site owner, the certificate authority performs in-depth verification of the company in the case of OV & EV certificates (CA).

Validity Concept

Famous CAs offer free SSL certificates that are valid for 30-90 days. As a consequence, the website owner is required to update the certificate every 30-90 days. Paid certificates may be issued for a term of one or two years.


Certificate authorities (CAs) and paid certificate resellers are dedicated to offering round-the-clock service to their clients. Customers may pick the form of service they like, whether it’s talk, email, or phone. Free CAs, on the other side, cannot continue to offer such outstanding service to their clients. If you need assistance with a free SSL problem, you’ll have to sift through a lot of old forum posts to locate it.


As previously mentioned, the free certs only help with domain level validation. If one requires OV and EV certificates, he or she must buy paying SSL certificates. With OV and EV certificates, you get visual indicators like the company name in the URL and certificate details, and better site seals. Free SSL licenses, on the other side, do not have those advantages.


If something goes wrong on the CA’s end, such as a disastrous malfunction of their PKI, you are totally out of luck with a free SSL voucher. Paying SSL certificates do not have this concern since they are protected with warranties that vary from $10,000 to $1.75 million.

Free and paid Bigcommerce SSL certificate

BigCommerce offers the following forms of SSL certificates:

  • Encryption Everywhere
  • GeoTrust QuickSSL® Premium
  • GeoTrust True BusinessID
  • GeoTrust True BusinessID with Extended Validation (EV)

Is it time for your SSL certificate to expire? SSL certs cannot be renewed, so you must buy a new one. SSL certificates are valid for one year from the date of purchase. If you already have an SSL certificate enabled, the dates would overlap, with the more current certificate replacing the older one. We suggest buying and downloading a new certificate immediately before the existing one expires for the highest value.

Free and paid third-party SSL certificate



If your content is hosted on HubSpot’s CMS, you can use a free basic SSL to encrypt your content and lead info. In the event that you are too distracted to upgrade, HubSpot would do it for you. Your SSL license will be renewed automatically 30 days before it expires.

Cost: 14-day free trial, $270-$900 a month

Let’s Encrypt

Let's Encrypt

Let’s Encrypt was established by the Linux Foundation and is supported by Mozilla, Site Ground, Cisco, Facebook, Akamai, and other leading technology firms. It provides free DV SSL certificates (no OV or EV here), but keep in mind that these certificates are only valid for three months at a time and must be replaced every sixty days at the very least. Why is this so? The corporation is adamant about automated certificate renewals in order to meet their long-term aim of transitioning the HTTP network to HTTPS.

Cost: The service is always free for three months at a time. Then you could renew for another three months for free.



SSL certificates from Comodo are valid for 90 days and are accepted by all major browsers. A single credential will protect up to 100 territories.

It’s built especially for Microsoft Exchange and Office servers. Comodo includes free domain licenses as well as priority phone service. Most notably, Comodo has been designated as a Top Seller of SSL certificates.

Cost: When buying a 5-year package, the price varies from $125 to $845 per year.



Cloudflare is well-known for their solutions that increase the performance and security of websites. It’s a CDN and protection firm used by several prominent websites, including Reddit, Mozilla, and Stack Overflow. Cloud Flare defends against millions of threats every day and offers service 24 hours a day, seven days a week.

Cost: Monthly cost $0 - $200

SSL For Free

SSL For Free

SSL For Free is a non-profit certificate authority that is compliant with all big browsers. SSL For Free, like Let’s Encrypt, and other SSL certificate authorities provide valid certificates for three months.

Cost: The service is always free for three months at a time. Then you could renew for another three months for free.



You’ve already heard of GoDaddy, the world’s largest name registrar with over 60 million domains. If you have an open-source idea, GoDaddy will offer you a free SSL certificate good for a year.

Cost: Annual cost $63.99 - $149.99



GeoTrust has a wide set of DV, OV, and EV SSL licenses, many of which provide automatic domain name validation. They are well-known for their ease of download, fast certificate issuance, and compatibility with leading desktop and web browsers.

Cost: Free for the first 30 days, then $149-$745 a year.



Another public SSL certificate provider is GoGetSSL. It provides a 90-day free trial for SSL certificates and just takes about five minutes to test your domain (no callback or face-to-face verification required). Their certs work for all big browsers, including Chrome, Firefox, Opera, and Safari.

Cost: Varies from $4.43 to $839.88 a year with multi-year subscriptions.

Instant SSL

Instant SSL

Another choice worth exploring is instant SSL. Their free licenses are valid for 90 days and are compatible with all major browsers. Their SSL certificate choices include features such as unrestricted server licenses, 24/7 support, and unlimited re-issuance.

Cost: Start at $125 a year and go up from there.

Basic SSL

Basic SSL also provides a free 90-day trial before you buy. With a fast and easy validation process, you can concentrate on other facets of your website while Basic SSL manages the certificate.

Cost: Free for the first 90 days.

Final thought

Browsing the web is fraught with risk, but it doesn’t have to be when people access your site. With a trustworthy company’s SSL license such as B igcommerce SSL, your website can easily and securely manage data transfers between your customers and your corporation. Your web users would realize they can trust your organization if there is a clear lock icon in the search bar. In the end, this improves customer engagement, raises the website’s rating in search results, and eventually makes the company meet market protection requirements.

Sam Nguyen is the CEO and founder of Avada Commerce, an e-commerce solution provider headquartered in Singapore. He is an expert on the Shopify e-commerce platform for online stores and retail point-of-sale systems. Sam loves talking about e-commerce and he aims to help over a million online businesses grow and thrive.

Stay in the know

Get special offers on the latest news from AVADA.