Securing the web is one of Google’s priorities, How to secure your website and improve your SEO thanks to the SSL certificate? Let’s dive in to see how https realy works for your website.

What is an SSL certificate and how https works?

SSL is the abbreviation for Secure Socket Layer which could be translated as a secure socket layer. Netscape in collaboration with Mastercard and some American banks are at the origin of this process to secure the transactions carried out via the Internet.

An SSL certificate, also known as an electronic certificate or digital certificate or public key certificate, can be likened to a digital identity card. This data file links a cryptographic key to the information of a natural or legal person and makes it possible to secure data exchanges by encryption (128 bits, 256 bits, …).

secure cloud computing

Until now, electronic certificates have been used on e-commerce sites, webmails and more generally on sensitive sites such as banks, taxes, etc.

The use of SSL certificates is widespread for:

  • Access to secure sites,
  • Secure your website,
  • Banking applications,
  • Secure archiving and sharing,
  • Social declarations,
  • Sending dematerialized mail,
  • Dematerialized invoices from state suppliers,
  • Responses to public market tenders.

To summarize: an SSL certificate makes it possible to secure the information exchanged between 2 computers.

Who issues SSL certificates (TLS)?

An SSL certificate is issued and signed by a trusted third party (certification authority or CA) to attest to the link between the moral or physical identity and the digital entity.

A few trusted third parties offering a full range of digital certificates:

  • GlobalSign, one of the oldest certification authorities on the market,
  • Symantec, formerly Verisign,
  • Let’s Encrypt with the issuance of a free SSL certificate,…

The price of a certificate will depend on your needs, from a few tens of dollars to several hundred dollars.

HTTPS/SSL

The different SSL certificates: DV, OV, EV

There are several types of SSL certificates with different trust levels, which correspond to the degree of verification carried out on the certificate requester.

SSL DV CERTIFICATE> DOMAIN VALIDATION

It is issued immediately after confirmation by the certification authority (CA) and validation.

SSL OV CERTIFICATE> ORGANIZATION VALIDATION

It is issued when the following conditions are met:

  • Registration control at the Chamber of Commerce,
  • WHOIS control (domain name),
  • Telephone validation by the administrative contact.

The procedure takes approximately 48 hours.

THE SSL EV CERTIFICATE> EXTENDED VALIDATION

It is issued when the following points are verified:

  • Registration control at the Chamber of Commerce,
  • WHOIS control (domain name),
  • 2 telephone validations (an administrative contact and contact with the personnel department).

It takes 5 to 8 business days to issue an EV SSL certificate.

Why adopt the SSL certificate for your website?

In the case of a website, the implementation of an SSL certificate (TLS) results in the transition from the HTTP protocol to the HTTPS protocol.

First argument: the safety of your visitors

If you have an e-commerce site or a site collecting data from your users, the question does not arise, to secure the data of your visitors, the establishment of an SSL certificate is essential.

Second argument: SEO optimization of your website

In August 2014, Google announced that it would promote the positioning of sites using SSL in the rankings of its search engine.

Google’s message is very clear: We hope to see more sites using HTTPS in the future. All together, let’s make the web safer!

Setting up an SSL certificate on your website

The setting up of an SSL certificate is done at the hosting level of your website and requires some technical skills, in particular, the mastery of 301 redirects.

Some advice before you start:

  • Choose the right certificate: simple, multi-domain or generic,
  • Use certificates with a 2048 bit key,
  • Install the SSL certificate on the server that hosts your website,
  • Always use relative URLs for resources on your website,
  • Don’t forget the 301 redirect to force the switch to https,
  • Track URLs written in hard to modify them and avoid 404 errors,
  • Allow the exploration of your HTTPS site using the robots.txt file,
  • Favor the indexing of your pages and avoid using the Meta tag “noindex”,
  • Create a new Google Search Console account (Webmaster Tools) and resubmit your sitemap.
Website SSL

Once the operation is complete, you can test the security level and the configuration of your certificate using the Qualys Lab tool.

SSL rating

Conclusion

Google announced it, the generalization of the https protocol is inevitable, as much to pass as quickly as possible to benefit from the SEO bonus granted by Google. To date, only 1% of sites are secure!