Buy and Install an SSL

Buy and Install an SSL

Getting your domain protected means purchasing and installing an SSL Certificate.

1. Purchase an SSL Certificate

To get started, you need to decide what type of SSL Certificate is right for your business.

EnCirca recommends Extended Validation Certificates. EV Certificates are superior because:

  • the validation is more extensive
  • the customer will see that extra security in the form of a “green bar” that tells them the site is secure

In order to fully meet your needs, we also offer the following different types of certificates:

  • Standard SSL Certificates – require the certificate issuer to independently verify the information concerning the applicant’s business.
  • Extended Validated (EV) Certificates – the applicant’s business credentials are validated more extensively to help ensure that the applicant isn’t a phisher, spoofer, or other type of online criminal.
  • Wildcard Certificates – protect multiple options of the same base domain (i.e. www.sample.bank and directory.sample.bank)
  • SAN Certificates – protect multiple, different domains (i.e. www.sample.bank and sample.com)

Order your SSL Now

Once you’ve chosen and paid for your certificate, you need to be validated by the SSL Company.

2. Validate Your Information

You need to prove that the domain is yours and that you are a legitimate business. There are 2 steps to this process.

First, Obtain a CSR for your Domain

A CSR or Certificate Signing request is a block of encrypted text that is generated on the server that the certificate will be used on. It contains information that will be included in your certificate such as your organization name, common name (domain name), locality, and country. You may need to request this from your hosting service. For more information, see an overview here: https://en.wikipedia.org/wiki/Certificate_signing_request

Then, Validate your SSL Certificate

  1. Login to hosting.encirca.com . You should see a list of your products.
  2. Click on the certificate and you will be able to add:
    • csr document
    • domain name
    • whois contact email
  3. Once your information is entered, you will receive an email confirmation. You may also receive a validation email or phone call from the SSL certificate vendor (ie Geotrust or Symantec)

3. Install your SSL Certificate

After the verification process is completed, you should receive your SSL Certificate by email. This cert should be given to your hosting provider to install and check. You may also be given a logo to place on your site to verify its security.

Order your SSL Now

HSTS Explained

HTTP Strict Transport Security forces browsers to make secure HTTPS connections with websites.

What is HSTS?

HTTP Strict Transport Security is a web security policy sent via header, that forces browsers to make secure HTTPS connections when they visit a specified website. This prevents cookie hijacking and protocol downgrade attacks. This is accomplished by setting a Strict-Transport-Security parameter that forces all connections to be made securely and disregards and scripts that attempt to load assets over unsecure HTTP. The header sets a period of time that the paramater applies for.

What is the HSTS Preload list?

The HSTS Preload list a set of pre-loaded websites that employ HSTS. This effectively closes the window for a first connection protocol downgrade or cookie hijacking. When a web browser arrives at a website on the HSTS preload list for the first time it already knows to only make secure connections.

The only problem with the HSTS preload list is that it can take a while to get on. You’re at the mercy of the browsers as to when they update before you’ll be included on the list itself. With some browsers that’s nearly on a monthy basis – so the wait will only be a few weeks – but for others, it can be months. That’s why Google’s decision to register all of its TLDs on the list is so powerful. Now any website with those TLDs – that is secured with an SSL certificate – is already on the list by default.

Look for plenty of other domain registrars to follow suit in the coming months.

Should I implement HSTS on my website?

Yes. We definitely recommend employing HSTS. Even with an SSL certificate, there are still ways to exploit a site. Especially one that uses 301 redirects to send traffic to the HTTPS versions of its original HTTP pages. Not having HSTS is like putting a nice big padlock on the front door of your website, but accidentally leaving a window unlocked. There’s still a way to get in, you just have to be a little more sophisticated to find it.

So yes, we recommend implementing HSTS. Not only HSTS, but we recommend writing the header with the “includeSubDomains” and “preload” prompts included as well.

Here is an example of a good HSTS header:

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

What to consider before implementing HSTS

There are a few things worth noting about HSTS before you go ahead and add the appropriate header:

  • You must have an SSL certificate installed on your website already
  • If you have sub-domains you will need to use a wildcard to protect them
  • You must use 301 redirects to reroute all HTTP pages to HTTPS ones
  • Google says best practice is to set a max age of two years
  • SubDomain and preload headers must be included
  • Important Note: Just adding “preload” will not get you on the HSTS preload list.  You will still need to follow up yourself by going here .

Encirca is a full-service registrar.

We support your domain needs from start to finish.

Design
A Simplified Website Builder
Anyone can have a professional online presence. Select from a multitude of designs with customization, and use it with everyone of our hosting options.
Host
Cutting Edge Security
Secure your newly designed website with a variety of web hosting options. Whether you want general or advanced hosting, you can find the best domain that aligns with your industry.
Secure
SSL Certificates For Your Business
Geotrust and Comodo certificates give you expansive protection for your domains. Install an SSL certificate that is right for your business and provides complete security.

Wanna Talk To Us?

Contact Us Now

Domain Registration FAQ

  • How do I buy a domain name?Buying a domain is easy! Just type in your desired domain name in the search box above to check availability. If your desired domain name is available, you can add the domain name to your shopping cart and check out.
  • What registration terms are allowed for domains?You can register your domain name with EnCirca for anytime from 1-10 years.
  • How long does it take to register my domain?Most domain names registered with EnCirca will appear in your account instantly.
  • How do I use web hosting for my website?EnCirca has many templates that allow you to quickly start your very own website for personal use or for business. Once you purchase your domain name, you need web hosting. Visit Here to view EnCirca’s web hosting and email hosting options and follow our steps to get started.
  • How do I use my domain name for email?EnCirca’s web hosting packages also offer email for up to as many mailboxes as you want. Visit Here to view EnCirca’s web hosting and email hosting options and follow our steps to get started.
  • How do I encrypt my domain name?Domain name encryption can come in many forms. As one of the most secure domain name registrars, EnCirca offers multiple levels of cybersecurity for your domain names. From SSL Certificate encryption, Secure DNS, and Secure Web Hosting to multi-factor authentication and domain name registrar locks, EnCirca has you covered. Visit Here to view our entire selection of cybersecurity tools for you domain name.

Handshake Domain FAQ

  • How do I buy a Handshake domain name?Buying a domain is easy! Just type in your desired Handshake domain name in the search box above to check availability. If your desired domain name is available, you can add the Handshake domain name to your shopping cart and check out.
  • How can I see my Handshake domain name?Handshake domains do not resolve on regular DNS sites. For example, in order to see encirca.txt, you must add it with a trailing slash and a DNS resolver.
  • How can I access my Handshake domain names since they don’t resolve on traditional DNS?

    There are many internet browsers that support Handshake domains such as Opera and various Chrome plugins.

    Please visit our Handshake helpdesk article for more options on how to view your Handshake domains

    NextDNS is one of the most popular methods for accessing Handshake domain names. Install NextDNS. You can click “try it now” on nextdns.io to connect your device and resolve Handshake domains. Scroll to the Setup Guide at NextDNS to select the option for your device, confirm with the green button at the top of the page, and then go to the “settings” tab to “resolve Handshake domains.”

    Install the Resolvr add-on to view Handshake names directly in the search bar of your Firefox browser.

    Try searching your site with the HNS.to gateway, which allows you to access Handshake names without downloading software or modifying your DNS settings. You may also conduct searches directly by prefixing Handshake domains with “hns.to/,” such as “hns.to/welcome.nb/.”

  • How long does it take to register my Handshake domain?You can register your Handshake domain name with EnCirca for anytime from 1-10 years. Most domain names registered with EnCirca will appear in your account instantly. If there is an issue, our support team will email you.
  • How do I use web hosting for my Handshake domain website?EnCirca has many templates that allow you to quickly start your very own website for personal use or for business. Once you purchase your domain name, you need web hosting. Visit our hosting page to view EnCirca’s web hosting options and follow our steps to get started. Please be aware that some handshake domains (such as ones containing emojis or beginning numbers) may not resolve even with our DNS.
  • How do I use my Handshake domain name for email?Unfortunately, Handshake domains can’t use traditional email.

Blockchain FAQs

  • How will I be able to view a blockchain website?
    You will need to use a mirroring service, a browser extension or a browser that supports blockchain domains. Brave is one that supports blockchain domains natively.
  • Will I be able to search for and find blockchain domain websites on Google or other search engines?Major search engines do not currently index blockchain domain websites. For now, you will be able to search for them at unstoppabledomains.com, on partner applications that integrate our search bar, or on blockchain apps that index blockchain domain websites.
  • Are blockchain domains part of ICANN / traditional DNS?No. Blockchain domains are what’s called alternate roots. They are not part of the current DNS.
  • Will there be some sort of ‘whois’ record with my personal information associated to my domain?Not by default. Sharing ‘whois’ information is opt in i.e. something that you can choose to do if you want. Otherwise, your identity will not be publicly known.
  • How do trademarks work with blockchain domains?Trademark holders with proof of ownership can apply to claim ownership of trademarked names. If a trademark name has already been sold, then it will be refunded. Note – this process ends once domains have been distributed. Unstoppable Domains does not have the ability to move a domain once distribution has occurred.
  • How do payments work with my blockchain domain?Add your bitcoin, Ethereum, and Zilliqa addresses to your .zil or .crypto domain inside of the ‘my domains’ section at unstoppabledomains.com. When someone types yourname.zil into a supporting wallet, the wallet looks up that domain on the blockchain, finds the appropriate address, and sends to the address associated with that name.
  • Will I be able to transfer my domain?Yes. The domain is stored in EnCirca’s cryptocurrency wallet and can be transferred to you. Contact support@encirca.com for transfer information.
X

We have updated to passwordless logins. MFA users will need to re-enroll after the upgrade. Learn more here.