SSL certificate deadlines: are you ready for Google’s changes?

By September 5, 2018Uncategorized
Google gets serious about HTTPS encryption | Blog | EBRAND Services

An SSL certificate (aka Secure Socket Layer) is, essentially, a set of cryptographic protocols that provide communications security over a computer network. Banking details, credit card numbers, and other private information transmitted from a user’s web browser to a site’s server is encrypted, preventing thieves from intercepting it. And, thanks to Google’s efforts to create a safer, more secure Internet, SSL certificate is increasingly commonplace.

More and more website owners and developers are using SSL certificates, specifically those which provide HTTPS encryption (as opposed to now-dated HTTP encryption.) HTTPS (HyperText Transfer Protocol Secure) provides end-to-end encryption of all information sent and received over a website, securing and protecting users from criminal interference.

These days, everyone is more or less expected to provide HTTPS encryption. Customers, increasingly nervous about sharing sensitive information online, know what trust indicators – green padlock, trust badge – to look for. And if you can’t provide those indicators, they won’t think twice about leaving you for a site that can. In fact, Google is encouraging them to do just that.

Google gets serious about HTTPS encryption

An SSL certificate is an easy, cost-effective way for website owners to secure online transactions. And, now, if you don’t provide HTTPS encryption, Google will toss you into the  penalty box.

The search engine giant has been stepping up its efforts to create a more secure Internet, making an SSL certificate more necessary than ever. Just take a look at these updates to Chrome.

Chrome 68, July 2018 release

With the July 2018 release of Chrome 68, Google is flagging any website without HTTPS encryption as “not secure”. And not only that but users will not see in their browsers the familiar padlock, green text, and HTTPS which indicates a site is not suspicious. In other words, users will immediately understand that the site is unsafe for sharing personal information.

Chrome 68, July 2018 release

Chrome 69, September 2018 release

With the release of Chrome 69, users no longer see the green “Secure” lettering they currently see in sites which use HTTPS. (Eventually, the green padlock will go, too.) The security itself won’t change, though. Basically, Google is alerting users to the fact that HTTPS is the new normal and, unless they’re told otherwise, they can rest assured a site is using the proper encryption without too much attention being called to the fact.

Chrome 69, September 2018 release

Chrome 70, October 2018 release

With Chrome 70, users will see a red “not secure” warning whenever they are about to enter data into an insecure HTTP page. Google has not done this in the past because HTTP usage was too high and, therefore, it was unrealistic to mark every page with a warning. But now that HTTPS is standard, Google is taking the step.

Chrome 70, October 2018 release

SSL certificates from EBRAND will keep Google happy

EBRAND offers three SSL certificates, all of which deliver different levels of online security according to your unique needs. All certificates provide HTTPS encryption, are supported by Google Chrome, and are easy to activate.

Domain Validated SSL

  • Ideal for blogs, social networks, and personal websites
  • Configures multiple domain names operating on different IP addresses
  • A low-cost option that can be set up in minutes

Organization Authentication SSL

  • Ideal for corporate websites
  • Company authenticity confirmed by our Certificate Authority (CA) GlobalSIgn, assuring users that your site is legitimate, not that of an imposter
  • Provides a higher level of authentication than the Domain Validated Certificate

Extended Validation SSL

  • Ideal for e-commerce and banking sites
  • Involves a more rigorous audit and validation process, performed annually
  • Delivers the highest level of security available

Wildcard Option

  • Wildcard option available for your primary domain name as well as unlimited subdomains and associated servers
  • Ideal solution for anyone with several pages, websites, and servers, protecting all under a single root domain name
  • Available for Domain and Organisation Validation

Not all SSL certificates are considered equal

Make sure you purchase your SSL certificate from a trusted, reputable dealer. Not all SSL dealers have been known to follow proper industry practices.

Case in point: just last year, GeoTrust, RapidSSL, and Thawte admitted to not following proper procedures when issuing certain certificates. Consequently, Google has started flagging any sites using these certificates with a rather scary sounding warning:

Private connection warning

With EBRAND, you have nothing to worry about. We work with globally renowned WebTrust accredited Certificate Authority, GlobalSign, known for maintaining high encryption standards.

If you need assistance selecting the right SSL certificate for your needs, or just have general questions about SSL, let us know. We’re happy to assist!

Lutz Berneke

Author Lutz Berneke

More posts by Lutz Berneke