It’s no big secret that Google recently STRONGLY hinted that the future of the search engine ranking matrix will include brownie points for sites with SSL Certification.
The reason is to encourage webmasters to switch over to the https: world to ensure a future of a secure internet. They do affirm that quality content is still continuing to be important with ranking as well.
We all know ranking and traffic are close cousins – so should you concern yourself with changing, and how much is involved?
Because I love to experiment with things I decided to move my business site to a secure server and installed a SSL certificate. Happily I can tell you first hand exactly what problems there were in doing this and whether or not I noticed a bump in traffic.
Should You Switch to https?
I would suggest that
I would also suggest you get your certificate from a known and reputable company. You can get FREE SSL certificates but I won’t recommend it.
It’s Not as Easy as I’d Thought
When I first started to poke around to see what all was involved in installing the SSL certificate I contacted my web host and asked them what I needed to do to make it happen.
My web hosting provider is Synthesis. I pay their premium fees because their servers are secure, fast, and optimized for WordPress. They have a bunch of other stuff that is included but the main points for me is fast and to be able to handle the traffic.
After what I went through to finally have a working SSL certificate you will see why I happily stay and continue to pay them. Bottom line on these guys is their technical knowledge, skills, and customer service is
Installing SSL Mistakes and Wins
As with most things unfamiliar there is a steep learning curve. At least in the beginning. My initial informational gathering phase wasn’t thorough enough so hopefully my blunders will keep you from making the same mistakes.
Most of my faux pas are made from not having all the information required to do what I have set out to do. Sometimes you just have to take action and let the chips fall. Having all the information first doesn’t necessarily save a person from making mistakes either.
I sent an email to my hosting provider Synthesis and asked what did I need to do to change my site from http to https? They replied there were only two simple things.
1. Purchase the SSL Certificate from a certificate issuer.
2. Give them the information they needed so they could create a CSR (Certificate Signing Request) for the server.
To create the CSR they needed the following information:
Country Name (2 letter code)
State or Province Name (full name)
Locality Name (eg, city)
Organization Name (eg, company)
Organizational Unit Name (eg, section)
Common Name (eg, your domain)
Well, IF that’s all there is to it – why not?
I called GoDaddy to discuss the details to purchase a SSL certificate. The guy I spoke with was happy to sell me one and I went ahead and bought it for three years at about $75 per year.
–>> This was my FIRST mistake!
At this point I had done enough research to decide to get a professional SSL Certificate. I wanted my business name in the browser bar so people would be able to clearly see that the site was secure.
I’ve now shelled out over $200 on the wrong certificate and didn’t know that I didn’t have what I wanted.
Because Synthesis is so excellent they very quickly had my CSR generated and with the help of the GoDaddy support I quickly had a new SSL certificate that I gave to Synthesis to install.
Once that was installed on the server I noticed in the browser there was no lock, not grey or green, and the business name was missing. Instead there was a grey warning triangle.
I checked and sure enough I had missed a step – I still needed to install the seal in the footer of the website.
Crap! That wasn’t enough – still had the warning sign.
Since I wanted the entire site to be https I requested a complete 301 redirect from http. They happily did that for me but still… no padlock.
This is where I learned about the site https://www.whynopadlock.com/. What a great resource. The problem was all the images and all the links on every blog post and page was still using the http address.
AND my website was now s l o w e r to load. I’ll tell to WHY this was and how we (they) fixed it – in a minute.
The Work Required to Get a Green Padlock
Every page and post and sidebar had to be updated to change the link addresses. I still had a LOT OF WORK left to do.
The fastest way was to just go through each post, one by one. Most things were obvious and the changes were quick. Soon enough I was getting a green padlock on most pages. On the pages that weren’t obvious why the warning sign remained I would run it through whynopadlock.com.
Disappointingly the business name STILL wasn’t showing up in the browser.
The sidebars would affect every page so they were fixed first and I also found a .js call using http that I had installed in the
< body > of the site.
MORE Problems with SSL & Aweber Forms
Another queer thing was none of the Aweber forms would show up. They had all disappeared! The code was still there but the forms wouldn’t show. Whatever the issue was with the script at the time has been changed so it does work now but the original fix was to use the html code.
Switching to the html code worked but the warning sign was still in the browser bar. This was “forced” green changing all the links in the code to https: PLUS all the images in the form have to be https. This has to be done inside your Aweber account.
The 301 redirect was in place because https means you have a new web address. This actually slowed my traffic instead of increasing it – but only for a couple of days. Part of the reason could be the new address itself and the other could be the
YOU’VE BEEN WARNED!
When you switch to https you lose all your likes, shares, tweets, and pluses. Back to 0!
Initial Problems with SSL Certificate
– The certificate had to be re-installed because I was getting an SSL Error.
– The site was slow to load.
After doing some research on why the site was slower I learned that the connection now has to be encrypted and decrypted on both the server and on the user side. Its like they are having a conversation reminiscent to the chatter of the fax machine of yesteryear.
Here is the conversation (as I hear it in my head)
“Are you safe?”
“Yes, I’m safe”
“Are you sure? Show me your certificate”
“Thanks, let me see if its valid”
“Oh right it is”
By-the-way – this is called Prosopopoeia
I found that a way to stop all this back and forth chatter was to have support for SPDY and OCSP stapling.
Here is a resource SSL checker that will give detailed information and grade your install.
I contacted Synthesis to inquire about activating SPDY and to let them know that I was also getting a SSL/TLS Handshake error.
What I wanted is NOT part of a standard SSL install but Synthesis was happy to help.
Business Name not in Browser?
After all that the business name STILL wasn’t showing up in the browser bar. It was my fault that I had bought the wrong SSL Certificate because I had not done my homework. Fooey!
If you want your green business name in the browser – you need to get a Premium SSL EV (Extended Validation) Certificate.
So I bought one (more money, of course).
Having gone through all the work so far it was no surprise to find out that it wasn’t going to be as simple as just installing a new certificate.
I had to bug the (very patient) folks at Synthesis again to generate another CSR and install another SSL certificate. They did all this work quickly and happily but the site was still loading slow. They could not enable SPDY on the server and so my site needed to be migrated to a new one.
New server, new IP address. Synthesis did the migration for me.
At the same time on the GoDaddy side of things I had to fill out a bunch of forms so the new SSL EV certificate would work. To ensure the integrity of the certificate you have to prove your business. They actually need to validate you by verifying you have a
But it wasn’t over yet!
There were still issues with the OCSP responder from GoDaddy that wasn’t responding to the Synthesis server.
But that was all fixed up quickly too.
I have to tell you that Synthesis is AWESOME! I was also very happy with how good GoDaddy was with the certificates too. It only took a couple of days to get the EV cleared and set up where they could have taken weeks.
After all the rigmarole and back and forth needed to get my site the way I wanted it I was impressed with the knowledge and quickness that every hurdle was managed.
The fixes and server stuff I wanted isn’t standard with any SSL certificate installation. Synthesis did all the fixes for me, migrated my site to a brand new server and guess how much extra they wanted for all this work?
Nada, zero, diddly-squat, zilch!
Compare Synthesis to a different hosting company.
Just out of curiosity I wondered how a different hosting company would handle all my requests.
I sent an email to MediaTemple.
As a matter-of-fact Synthesis uses their servers. Also, GoDaddy has recently acquired MediaTemple as part of their expansion efforts. I just want to highlight WHY I pay more for Synthesis when they all use the same servers.
Here is where
Letter to MediaTemple
do they support SPDY in a SSL install?
Do you guys sell / supply the SSL or do you just generate a new CSR/Key pair for a certificate purchased elsewhere.
Can your servers include the NPN Extension?
Do you set up OCSP stapling?
Do you manage (hide) the htaccess files – if so, would you implement the https redirect?
I am asking all these questions because I just installed a SSL certificate to a site and it was quite involved. I will be writing a post on the “how to’s” and recommending servers (hosting).
2) the SSL is provided by a third-party, which is GeoTrust. we are a GeoTrust reseller.
3) I don’t know. never heard of that.
4) I don’t know. never heard of that.
5) every server can accommodate an .htaccess file. if the customer wants something specific to occur, they have to modify the .htaccess. we don’t offer help with code, and that includes .htaccess. all that being said, I think CloudTech can help with a .htaccess redirect for a fee.
So there you have it.
If you are going to be upgrading to an SSL certificate and want to know that your hosting company can make your site fast and secure and light up your business name in green.
Installing SSL Certificate Steps
1. Make sure your hosting company can handle the upgrade.
2. Get your certificate from a reputable dealer
3. Change all your links (images and urls) within your posts, pages, footers, and sidebars to https.
4. Test all your pages using the resources below