Whether you have a website that asks customers for personal information like credit card details, address and phone number, or you’re a shopper deciding whether to make a purchase online, it’s important to be able to know that your interaction will be securely protected with valid, reputable SSL encryption.
And since so many people use Chrome as their default browser these days, this guide will run through the ways you can access a website’s SSL Certificate info to check that you’ll be properly safeguarded.
These methods are specific to Chrome, but other browsers are fairly similar:
Option 1 — Padlock
- Click the padlock icon at the top of your browser, next to the website’s domain name.
Option 2 — Developer Tools
- A drop down window will appear. The top heading should say ‘Connection is secure’. Google flags sites that are not protected with SSL encryption as ‘Not secure’. Further down, click ‘Certificate’.
- A new window will open. In this ‘General’ tab you’ll see the company name of the website (‘Issued to’), the Certificate Authority who supplied the SSL (‘Issued from’), and the length of validity.
- If you’re a tech-head and want to deep dive into the SSL Certificate like algorithm codes etc, click the Details tab.
- To open the Developer Tools display on Linux or Windows, press F12 or Ctrl + Shift + I combination on your keyboard. On a Mac, press ⌘ + Shift + I. Alternatively, you can open Developer Tools by clicking on the three vertical dots at the top right corner of your Chrome browser, then in the drop down list select ‘More tools > Developer tools’.
- A split window will open to the right of your browser page. In the top menu of this section click ‘Security’.
- The new tab will confirm ‘This page is secure (valid HTTPS).’ Further down it lists a button called ‘View Certificate. If you click on this you’ll get the same window as we’ve described in Option 1, Step 3 above.
You can also get more granular information on connection details and external sources, reload the page when on the Security tab in Developer Tools. You will see the list of initiated connections to Main source (the site you directly opened) and Secure origins (external resources that the site requested your browser to load). You can find connection, Certificate and Certificate Transparency
details by clicking on a listed source.
The main thing you’ll want to confirm is the wording telling you ‘This page is secure (valid HTTPS).’ or ‘Connection is secure’. These are a few last added bits to keep in mind:
- With some websites, when the ‘View Certificate’ window opens and you click the Details tab, look for the ‘Subject:’ subheading. This sometimes lists the exact SSL product, like our site does. It’s good to know that a site has Extended Validation (EV), which used to be displayed by a greenbar next to the browser padlock, up until about a year ago when browsers phased it out. EV means the business has gone through extra checks by the Certificate Authority. It proves that they’re fully legitimate, registered with local government (like LLC or INC), instead of some fly-by-night popup. Learn more about validation types here: Different types of SSLs.
- The padlock icon next to domain names in browsers, and typically shown in green or grey, means that the website is protected by Hypertext Transfer Protocol Secure (HTTPS). This is basically another way of saying the website has SSL encryption. Learn more here: How HTTPS protects people on your website.