In the fall of 2017, Google announced that websites that do not have a correctly installed SSL certificate will be penalized with a red warning icon in the visitor’s browser address bar that the website they are attempting to view is not secure and vulnerable to having their personal information stolen by hackers. Since 2014 Google has been working to encourage website owners to secure their sites with appropriate level SSL certificates and this recent move will have a far-reaching impact on websites that do not comply in both legal ramifications in the case of a data breach of a website as well as lost business/traffic from site users that
The SSL Problem Google is Addressing
One of the main issues regarding SSL certificates and website development is the common problem of website designers now understanding how SSL works. This is compounded by the need for the site developer to ensure that all images, java scripts, and code is using the secure HTTPS protocol which is time-consuming and up until recently, not a priority. In addition, we are noticing a significant increase in sites with improperly installed SSL certificates by client’s who asked their webmaster to install the certificate but did not do it correctly on the server.
SSL certificates are important as they ensure that the information being communicated between the website and the user is encrypted and directly communicated with the server and the user’s browser. Sites that don’t have this level of security have become extremely vulnerable to personal identity theft and the information being stolen by hackers.
Installing an SSL certificate is a technical process that involves at the base level linking the website’s domain name to the server where the website is hosted. Expanded SSL Certificates take that a step further and verify the legal ownership of the website, the server and the company that operates it. Either of these two types of SSL certificates will satisfy Google’s new requirements. It should also be noted that Firefox, Chrome, Safari and Internet Explorer are also introducing their own browser warnings for websites that fail to have a valid SSL certificate.
Installing an SSL Certificate.
It is possible to install an SSL yourself on your server using a three step process.
Generate a CSR (certificate signing request)
To request an SSL certificate for your server or a code/driver signing certificate, you have to generate a certificate signing request (CSR). This identifies which server will use your certificate, as well as the domain names (common names) you’ll use for SSL certificates.
Request an SSL Certificate
After you purchase an SSL certificate, you need to request it for the website’s domain name (or “common name”) you want to use.
Request an SSL Certificate
After you’ve generated a CSR and requested a certificate, you can download your certificate files, and then install them on your server.
Once this is completed, the Certificate Authority will verify your certificate and make it active.
Once you have installed the certificate and activated it with the CA, it is important that you verify that all code PHP, Java and HTML code on your website is properly formatted with the new HTTPS secure call otherwise the certificate will be invalid and the browser warning will appear.
For complete instructions on installing an SSL certificate, please visit this post
Having an SSL Certificate Installed for You
As part of our data protection and security services, Senvira provides a wide range of SSL options including professional installation and management of the certificate. This option allows organizations to ” set and forget ” about their SSL requirements and all updates, renewals and issues are handled in-house automatically by our technicians. To order an SSL Package, please visit this page here.