A website SSL Certificate, also seen as HTTPS in urls, is essential these days. And we truly mean essential. So it’s really important that you don’t just buy one as part of your site build and then let it expire.
It’s especially easy for larger organizations that have multiple domains and subdomains to let one or more SSL Certificate slip through the net. This article will explain why you can’t let this happen, and how to make sure it doesn’t.
What’s All the Yelling About?
You may be thinking: What’s the big deal? Why all the noise about SSL Certificates? Who would know if it expires? I’ll get round to renewing it, but I’ve got more important things to do…
But we’re not overhyping, we truly mean it when we say that HTTPS is not something you can let slip these days. Here are the main reasons why, in a nutshell:
- Data Security Risk – the main job of an SSL is to encrypt the info travelling from a customer’s browser (such as them typing in credit card details, address and phone number during an online shop) to your website server. This is private data, it needs to be protected to no-one but the customer and the website Admin can sneak a peek. Learn more: Understanding How SSL Encryption Works.
- Red Flag in Search Results – Google is leading the way in zero tolerance of websites that don’t have SSL protection. They now get flagged as ‘Not secure’. This happens not just for failing to buy an SSL Certificate for a website, but soon also for non-encrypted content embedded in the site too, like streaming video or audio. Learn more: Google Gets Even Stricter About HTTPS.
- Loss of Brand Trust – if a potential Internet customer sees an open padlock in their browser and a ‘Not secure’ message next to your domain name, they’re not going to be falling over themselves to spend money or share any private info on your website, right? And dozens of competitors are just one click away.
A drop of around 3% in rankings, customers shying away in search results because they see ‘Not secure’, and heaven forbid customer data getting hacked, amounts to two things. Your website will be seen as an unsafe place, and less site engagement means less money earned.
So we’re not yelling folks. Just saying loud and clear that this is not something you want happening to your online real estate.
Preventing HTTPS Expiry
Now that we’ve cleared up why an expired SSL Certificate is a no-go, even for one day, let’s
look at how you can make sure your website(s) are always protected:
- Any SSL provider worth their salt will send you at least one email reminder, so be sure they have your current email address and it doesn’t get sent to your junk folder. But we know that it’s easy to get busy and forget, which is why we like to play it safe and send out customers a reminder 30 days, 15 days, 7 days, 3 days, and 1 day before their SSL Certificate expires. Better safe than sorry! You’ll simply login to your account, and follow the Renewal steps.
- If you’re a large organization with loads of SSL Certificates, be sure your IT Department has an efficient renewal plan in place ahead of time, so that nothing slips through the net. Or you could choose an SSL Management service. With a quick online search you can narrow down the provider that best fits your needs and budget.
- Don’t forget that while Domain Validated SSL Certificates can be bought or renewed in minutes, Organization and Extended Validation types can take up to a week for the Certificate Authority to do the business verification checks. And be sure to have the official stuff in order so there are no delays. Learn more: Different types of SSLs.
Without HTTPS, your website runs the risk of a data security breach, being branded as ‘Not secure’, and loss of online trust in your business. So letting your SSL Certificate expire is simply not an option. Follow the tips in this blog so your online real estate is never left unsecured.