There’s no denying the importance of an SSL certificate. In simple terms, having an SSL certificate and running your website using HTTPS rather than HTTP, will encrypt the website traffic for your visitors, ensuring that they have a secure experience on your website.
As of July 2018, Google Chrome displays websites that are not using an SSL certificate as “not secure”. Now other browsers are following suit, meaning that if you don’t implement an SSL certificate on your website, you are potentially losing website visitors since they may find it hard to trust your website. This is particularly important for anyone running an E-Commerce website or any website where a user may log-in, sign-up or even submit personal details.
What do I need to do?
Thankfully, the task of obtaining an SSL certificate and updating your website to run via HTTPS is very simple. Even more so if you’re a client on one of our WordPress Care Plans, where this is one of the first things that we’ll make sure you have in place.
Firstly, you’ll want to speak with your web hosting provider. Many providers will now offer a free SSL certificate, in partnership with Let’s Encrypt, a non-profit organisation that provides of free security certificates for the benefit of website owners. They’re supported by donations and and sponsorships from large companies in the tech industry. If your hosting provider offers a free security certificate, they will either be able to set this up for you on your hosting account or will point you to some simple instructions to enable you to carry out this task yourself.
Some hosting providers charge for SSL certificates, which are themselves provided by 3rd party companies such as GlobalSign, Comodo, GeoTrust, Symantec and more. Typically you could expect to pay between £5 – £30 (per year) for a basic SSL certificate, which should be more than enough for the needs of almost any business owner. Again, most of these providers will help you to install the SSL certificate themselves, although there are a few that will expect you to be able to install it yourself, using instructions that they provide.
Next, you’ll need to ensure that your website is set up to run using HTTPS rather than HTTP. Depending on the software that you’re using, this will usually involve updating the settings inside your Content Management System (CMS), such as WordPress or Magento. After this, the final step you’ll want to take will be to make sure that all traffic is automatically forwarded onto the new HTTPS version of your website.
Symantec SSL Certificates – Google Chrome Warning
As of 16th October 2018, Google Chrome will no longer support Symantec SSL certificates, with the release of Chrome 70 proving to the point when Symantec certificates will finally be distrusted. As a business owner what this means if you currently use a Symantec certificate is that the Google Chrome browser will not trust your SSL certificate and will display a warning message, instead of directing users to your website. For consumers, it has the potential to affect over 40% of worldwide Internet users.
If you are currently using a Symantec SSL certificate, we would highly recommend speaking with your web developer or hosting company and asking them to assist you with updating to a certificate from a trusted authority. This will help you to avoid any fallout from the release of Chrome 70, and ensure that your website is still visible to everyone.