Why not all SSL certificates are perfect.
Over the last year or so you’ve probably heard all about SSL certificates. Even a leading Bank has a TV advert telling people to only trust websites that are showing as ‘secure.’ Businesses should now consider issuing an SSL certificate to their websites to make sure they comply, or you could lose visitors and enquiries as they will consider your website untrusted.
What is an SSL Certificate and how does it work?
To help you understand what an SSL certificate is, I will go back to the very basics of a website address (often known as a URL). A web address is usually made up of something like…
You will notice at the beginning the https://, this is the protocol in which the website is served to the browser. The data transmitted is transported in a plain text file and insecurely. Of course what this means to the visitor is any data transferred either way, for example bank details are then vulnerable, and very prone to eavesdropping attacks.
By using an SSL certificate on your website the beginning bit of your website address will include an ’s’ after the http. This is a sign that your website is secured with an SSL certificate.
The SSL certificate installed on your website helps secure your visitor data, and yours by fully encrypting the data that is transmitted. If you use a modern, up-to-date browser, you will notice a green padlock, which shows your website is secure. Like this:
But what does an SSL actually do?
An SSL certificate can be used to secure almost any data on the internet. The main three security principles they cover are:
- Encryption – Helps protect data transmission both ways
- Authentication – It will scan and ensure you’re connected to the right server/website
- Data Integrity – It helps to ensure that the data requested either way is delivery securely.
Some companies offer free SSL’s, is it too good to be true?
Some providers of website hosting offer free SSL certificates to their customers. With everything that is free, there are some downsides that you should be aware of.
Fundamentally there are two types of SSL certificates available:
- Self-signed certificates
- SSL certificates from a trusted certificate authority
Most of the time, free SSL Certificates available are self-signed certificates. The problem with these SSL’s is that they do still encrypt some data, however some browsers do not recognise them, and treat them as untrusted. Equally, some even go to greater lengths, by showcasing a warning to website visitors. You can see an example below.
As a company, we would always recommend getting a fully encrypted, insured SSL certificate from a trusted authority like GlobalSign.
Can a free SSL ruin my Google Ranking?
Short answer, YES. Google do monitor SSL certificates, and back in 2014 Google announced that they would prioritise websites that had a valid SSL certificate. Recently within Google Search Console they have added a notice to websites that use self-signed certificates, to warn of the dangers.
Having a self-signed SSL isn’t going to be the only factor in lowering your website ranking, and it definitely isn’t going to be the most important, but as a company we always advise to invest in a trusted SSL certificate. Although any SSL is better then not having one at all, the dangers of a self-signed certificates could end up costing you a lot more in the long run, in lost visitors.
If you would like to talk to one of our Digital Specialists about your website SSL certificate, then please do get in touch on 0330 010 0321