The future of web SSL key to success
- KnowledgeBase /
- Certificats SSL /
- The future of web SSL key to success
Will SSL become essential in 2017 for the success of your web page?
Regarding SSL, Google announced in September 2016: “From January 2017, Chrome 56 will indicate in the address bar a message indicating a danger for certain websites not accessible in HTTPS. »
-Are the SSL certificate and the HTTPS protocol mandatory for all websites from January 2017?
-But what is it exactly?
-What is an SSL certificate and what is the HTTPS protocol? S
-SL certificate and HTTPS protocol?
For a website, an SSL certificate is a data file that links a cryptographic key to the information of a natural person or a legal person. Installed on a web server, the certificate activates the green padlock and the HTTPS protocol in browsers.
The objective of the SSL & HTTPS couple is to ensure a secure connection between the web server that hosts a website and the browser used to consult it. » Is a secure connection mandatory for everyone from January 2017?
No, there is no obligation to secure your website in January. However, setting up a secure connection is strongly recommended for sites collecting sensitive data (bank cards, passwords, member area, etc.).
Indeed, the first sites affected by Google's reporting through Chrome will be sites that exchange confidential data such as e-commerce sites. The absence of a secure connection to access the site will be reported through Google Chrome, with the very likely consequence of a drop in sales. Dealing with some insecure web pages over SSL in Chrome 56 as of January 2017
E-commerce sites will not be the only ones affected. Google has already announced that all websites will have to be secure in the future. For the moment, this deadline has not yet been revealed by Google. It may be in the course of 2017.
The latest announcements from Google
Web security has been a top priority for Google for years. Google's message about reporting unsafe sites is a logical continuation of previous announcements.
In August 2014:
We are starting to use the HTTPS protocol as a positioning factor. For the moment, this indicator has very little weight in order to give webmasters time to switch to the HTTPS protocol.
In December 2015:
Gmail, Google Search, and YouTube have had secure connections for a long time. We also started slightly improving the ranking of HTTPS URLs in search results last year. Web browsing should be a private experience between the user and the website, free from eavesdropping, man-in-the-middle attacks, or data modification . This is why we strongly support the generalization of HTTPS.
SSL or not? Our tips for 2017
We have been advising you for more than a year to adopt the SSL certificate as soon as you can, here are some details:
- As part of a creation or redesign of a website, HTTPS is essential.
- For e-commerce sites and sites collecting confidential data, we recommend switching to HTTPS as quickly as possible.
- If your website does not collect any sensitive data, you can wait for the next announcement from Google.
To help you in your decision-making, Google promises to grant an “SEO Bonus” to encourage publishers to switch to HTTPS. The first to take the plunge will enjoy it longer!
End of articles………….
Securing the web is one of Google's priorities. How to secure your website and improve your SEO thanks to the SSL certificate?
What is an SSL certificate?
SSL is the abbreviation of Secure Socket Layer which could be translated as secure socket layer. Netscape in collaboration with Mastercard and some American banks are at the origin of this process to secure transactions carried out via the Internet.
An SSL certificate, also called electronic certificate or digital certificate or public key certificate can be likened to a digital identity card. This data file links a cryptographic key to the information of a natural or legal person and makes it possible to secure data exchanges by encryption (128 bits, 256 bits, etc.).
Electronic certificates have until now been used on e-commerce sites, web mails and more generally on sensitive sites such as banks, taxes, etc.
The use of SSL certificates is becoming widespread for:
- Access to secure sites, (eg: web agency site afoulki.com)
- banking apps,
- Archiving and secure sharing,
- social declarations,
- Sending dematerialized mail,
- Dematerialized invoices from State suppliers,
- Responses to public tenders,
To sum up: an SSL certificate makes it possible to secure the information exchanged between 2 computers.
Who issues SSL (TLS) certificates?
An SSL certificate is issued and signed by a trusted third party.
The price of a certificate will depend on your needs.
The different SSL certificates: DV, OV, EV
There are several types of SSL certificates with different levels of trust, they correspond to the degree of verification carried out on the applicant for the certificate.
DV SSL certificate > domain validation
It is issued immediately after the sending of a confirmation by the certification authority (CA or Certification Authority) and its validation.
OV SSL certificate > organization validation
It is issued when the following conditions are met:
- Registration control at the Chamber of Commerce,
- WHOIS control (domain name),
- Telephone validation by the administrative contact.
The procedure takes about 48 hours
The EV SSL certificate > extended validation
It is issued when the following points are verified:
- Registration control at the Chamber of Commerce,
- WHOIS control (domain name),
- 2 telephone validations (an administrative contact and a contact with the personnel department).
The issuance of an EV SSL certificate requires between 5 and 8 working days.
Why adopt the SSL certificate for your website?
In the case of a website, the establishment of an SSL certificate (TLS) results in the transition from the HTTP protocol to the HTTPS protocol.
First argument: The safety of your visitors
If you have an e-commerce site or a site collecting data from your users, the question does not arise, to secure the data of your visitors, the implementation of an SSL certificate is essential.
Second Argument: The SEO optimization of your website
In August 2014, Google announced that it would promote the positioning of sites using SSL in the rankings of its search engine.
Google's message is very clear: We hope to see more sites using the HTTPS protocol in the future. Together, let's make the web safer!
Installing an SSL certificate on your website
The implementation of an SSL certificate is carried out at the level of the hosting of your website and requires some technical skills, in particular the mastery of 301 redirects.
A few tips before you get started:
- Choose the right certificate: simple, multi-domain or generic,
- Use certificates with a 2048-bit key,
- Install the ssl certificate on the server that hosts your website,
- Always use relative URLs for resources on your website,
- Do not forget the 301 redirect to force the switch to https,
- Track hard-written URLs to modify them and avoid 404 errors,
- Allow crawling of your HTTPS site using the robots.txt file,
- Promote the indexing of your pages and avoid using the meta tag "noindex",
- Create a new Google Search Console (Webmaster Tools) account and submit your sitemap again.
Once the operation is complete, you can test the security level and the configuration of your certificate using the ssl.ma site.
If you do not have the technical skills to install an SSL certificate on your own, do not hesitate to contact the web agency heberdomaine.
Conclusion :
Google announced it, the generalization of the https protocol is inevitable, you might as well go there as soon as possible to benefit from the SEO bonus granted by Google. To date, only 1% of sites are secure!
Open ticket
Submit a support ticket