Google has decided that its search engine ranking for your website does take into account whether or not you have an SSL certificate.
The reason stated is to encourage webmasters to switch over to https to ensure a secure internet in the future. They do affirm that quality content continues to be important for ranking as well.
We all know ranking and traffic are close cousins – so should you concern yourself with changing, and how much is involved?
I have moved business sites to a secure server and installed the SSL certificate. The move was not as simple as it should be because the servers weren’t ready for it. As far as any bump in traffic is concerned – yes, there was a slight increase for a short period, then the traffic dropped below the original amount. Having a secure site is a good idea for you and your business. Doing it purely for Google or any search engine won’t be enough to ensure traffic or preferred rankings.
Should You Switch to https?
CAUTION: buy your certificate from a known and reputable company. You can get FREE SSL certificates from places but unless it is included with your domain or hosting package from a trusted source, you are taking a chance.
It’s Not as Easy as You Might Hope
When I first started to investigate to see what was involved in installing a new SSL certificate, I contacted my web host and asked them what was needed to make it happen.
Installing SSL Mistakes and Wins
As with most things unfamiliar, there is a steep learning curve. My initial information gathering phase wasn’t thorough enough and I made some mistakes.
Step 1:
I sent an email to my hosting provider and asked what I needed to do to change my site from http to https. They replied that there were only two simple things.
1. Purchase the SSL Certificate from a certificate issuer.
2. Give them the information they needed so they could create a CSR (Certificate Signing Request) for the server.
To create the CSR they needed the following information:
Country Name (2 letter code)
State or Province Name (full name)
Locality Name (eg, city)
Organization Name (eg, company)
Organizational Unit Name (eg, section)
Common Name (eg, your domain)
Email Address
Well, IF that’s all there is to it – why not?
Step 2:
I called GoDaddy to discuss the details of purchasing an SSL certificate. The guy I spoke with was happy to sell me one and I went ahead and bought it for three years at about $75 per year.
At this point I had done enough research to decide to get a
I paid out over $200 on the wrong certificate but didn’t find out until it was installed that it wasn’t the right one.
Step 3:
Once the new one was installed on the server the browser bar did not show the lock, not grey or green, and the business name was missing. Instead there was a grey warning triangle.
I checked and sure enough I had missed a step – I still needed to install the seal in the footer of the website.
Done!
Crap! That wasn’t enough – still had the warning sign.
Step 4:
Since I wanted the entire site to be https I requested a complete 301 redirect from http. They happily did that for me but still… no padlock.
This is where I learned about the site https://www.whynopadlock.com/. What a great resource. The problem was all the images and all the links on every blog post and page were still using the http address.
AND my website was now s l o w e r to load.
The Work Required to Get a Green Padlock
Step 5:
Every page and post and sidebar had to be updated to change the link addresses. I still had a LOT OF WORK left to do.
The fastest way was to just go through each post, one by one. Most things were obvious and the changes were quick. Soon enough I was getting a green padlock on most pages. On the pages where it wasn’t obvious why the warning sign remained, I would run them through whynopadlock.com.
Disappointingly the business name STILL wasn’t showing up in the browser.
The sidebars would affect every page so they were fixed first, and I also found a .js call using http that I had installed in the <body> of the site.
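As an added example (not part of the original post), here is a small Python scanner for the problem described in Steps 4 and 5: it walks a page's HTML and lists every sub-resource still requested over http, which is what keeps the padlock from appearing. The host names, paths and sample page are constructed placeholders, and the "active"/"passive" labels follow the usual browser mixed-content terminology.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# (tag, attribute) pairs the browser fetches or submits while showing a page.
# "active" can rewrite the page, "passive" is only displayed, "form" posts data.
KINDS = {("script", "src"): "active", ("iframe", "src"): "active",
         ("link", "href"): "active", ("img", "src"): "passive",
         ("audio", "src"): "passive", ("video", "src"): "passive",
         ("form", "action"): "form"}

class MixedContentScanner(HTMLParser):
    """Collect http:// references that spoil the padlock on an https page."""

    def __init__(self, own_host):
        super().__init__()
        self.own_host = own_host
        self.findings = []  # (kind, tag, url, suggested https url or None)

    def handle_starttag(self, tag, attrs):
        rel = (dict(attrs).get("rel") or "").lower()
        for name, value in attrs:
            kind = KINDS.get((tag, name))
            url = (value or "").strip()
            if kind is None or urlsplit(url).scheme != "http":
                continue  # <a href> lands here: a hyperlink loads nothing
            if tag == "link" and "stylesheet" not in rel:
                continue  # rel=canonical and similar are never fetched
            # Only our own host is known to answer on https; leave others
            # for a manual check instead of guessing.
            same = urlsplit(url).hostname == self.own_host
            self.findings.append((kind, tag, url, "https" + url[4:] if same else None))

def scan(html, own_host):
    scanner = MixedContentScanner(own_host)
    scanner.feed(html)
    return scanner.findings

# Constructed sample page: hosts and paths are placeholders.
SAMPLE_PAGE = """<body>
<script src="http://www.example.com/js/widget.js"></script>
<a href="http://www.example.com/blog/old-post/">older post</a>
<img src="http://www.example.com/img/logo.png">
<form action="http://forms.example.net/subscribe" method="post">
<img src="http://forms.example.net/img/button.png"></form>
</body>"""

if __name__ == "__main__":
    print(*scan(SAMPLE_PAGE, "www.example.com"), sep="\n")
```

Findings with no suggested URL point at third-party hosts, such as an embedded form provider, where the https address has to be confirmed and changed on the provider's side.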
MORE Problems with SSL & Aweber Forms
Another queer thing was none of the Aweber forms would show up. They had all disappeared! The code was still there but the forms wouldn’t show. Whatever the issue was with the script at the time has been changed so it does work now but the original fix was to use the html code.
Step 6:
Switching to the html code worked but the warning sign was still in the browser bar. This was “forced” green by changing all the links in the code to https, PLUS all the images in the form have to be https. This has to be done inside your Aweber account.
The 301 redirect was in place because https means you have a new web address. This actually slowed my traffic instead of increasing it – but only for a couple of days. Part of the reason could be the new address itself and the other could be the
YOU’VE BEEN WARNED!
When you switch to https you lose all your likes, shares, tweets, and pluses. Back to 0!
Totes Bums!
Initial Problems with SSL Certificate
Step 7:
– The certificate had to be re-installed because I was getting an SSL Error.
– The site was slow to load.
After doing some research on why the site was slower I learned that the connection now has to be encrypted and decrypted on both the server and on the user side. It’s like they are having a conversation reminiscent of the chatter of the fax machine of yesteryear.
Here is the conversation between the two:
“Are you safe?”
“Yes, I’m safe”
“Are you sure? Show me your certificate”
“Here”
“Thanks, let me see if it’s valid”
“It’s valid”
“Oh right it is”
By-the-way – this is called Prosopopoeia
I found that a way to stop all this back and forth chatter was to have support for SPDY and OCSP stapling.
Here is a resource, an SSL checker, that will give detailed information and grade your install.
I contacted my hosting company to inquire about activating SPDY and to let them know that I was also getting an SSL/TLS Handshake error.
Step 8:
If you want your green business name in the browser – you need to get a Premium SSL EV (Extended Validation) Certificate.
So I bought one (more money, of course). [since I wrote this post I have backed down to the regular SSL]
Having gone through all the work so far it was no surprise to find out that it wasn’t going to be as simple as just installing a new certificate. The hosting company had to generate another CSR and install another SSL certificate. After it was installed the site was still loading slowly. They could not enable SPDY on the server and so my site needed to be migrated to a new one.
Step 9:
New server, new IP address.
Step 10:
To purchase an SSL EV certificate and to ensure the integrity of the certificate you have to prove your business authenticity. The SSL issuer needs to validate you by verifying you have a real
The installation issues continued. There were still issues with the OCSP responder from GoDaddy that wasn’t responding to the Synthesis server. Fortunately it only took a couple of days to get the EV cleared and set up where it could have taken weeks.
Compare Synthesis to a different hosting company.
Just out of curiosity I wondered how a different hosting company would handle all my requests.
I sent an email to MediaTemple.
As a matter-of-fact Synthesis uses their servers. Also, GoDaddy has recently acquired MediaTemple as part of their expansion efforts. I just want to highlight WHY I pay more for Synthesis when they all use the same servers.
Here is where
Letter to MediaTemple
Do they support SPDY in an SSL install?
Do you guys sell / supply the SSL or do you just generate a new CSR/Key pair for a certificate purchased elsewhere?
Can your servers include the NPN Extension?
Do you set up OCSP stapling?
Do you manage (hide) the htaccess files – if so, would you implement the https redirect?
I am asking all these questions because I just installed an SSL certificate to a site and it was quite involved. I will be writing a post on the “how to’s” and recommending servers (hosting).
Their Reply:
2) the SSL is provided by a third-party, which is GeoTrust. we are a GeoTrust reseller.
3) I don’t know. never heard of that.
4) I don’t know. never heard of that.
5) every server can accommodate an .htaccess file. if the customer wants something specific to occur, they have to modify the .htaccess. we don’t offer help with code, and that includes .htaccess. all that being said, I think CloudTech can help with a .htaccess redirect for a fee.
So there you have it.
If you are going to be upgrading to an SSL certificate and want to know that your hosting company can make your site fast and secure and light up your business name in green, send them a note first.
Installing SSL Certificate Steps – ReCap
1. Make sure your hosting company can handle the upgrade.
2. Get your certificate from a reputable dealer.
3. Change all your links (images and urls) within your posts, pages, footers, and sidebars to https.
4. Test all your pages using the resources below