Keyword Search

October 12, 2017

SSL certificates are like condoms: you can have one, you don’t have to use it, but you should.

By Ross Gerring

Website with ssl certificate - green address bar in browser window

Like condoms, there is a major difference between having an SSL certificate, and using that SSL certificate. If you have one, but don’t use it, then you don’t enjoy the benefits.

Using an SSL certificate for your online site or application is a good and important thing. How do we know this? Because Google says so.

How do you check if you have an SSL certificate and, critically, whether it’s any good?

Here’s our favourite test using our own itomic.com.au domain name by way of example. Just replace our domain with yours:

http://sslshopper.com/ssl-checker.html#hostname=itomic.com.au

You should see all ticks, and no crosses. If you see any crosses for our domain name, please let us know!

If there are any crosses (failures) in the sslshopper report, then you want to get those fixed. No point using a condom if it’s got holes in, right? Speak with your web developer and/or hosting provider.

How do you check if you’re using your SSL certificate?

If you visit the http (non-SSL) version of your site, e.g. http://www.itomic.com.au, does it immediately auto-redirect to the https (SSL) version, e.g. https://www.itomic.com.au? If it doesn’t, then you might have a good SSL certificate available for use, but you’re not using it, and you need to be. Speak with your website and/or hosting provider.

FYI this auto-redirection from http to https is known as “Always On SSL” (AOSSL) or “HTTPS Everywhere“.

Further reading:

Secure your site with HTTPS (Google)
What is SSL, TLS and HTTPS
(Symantec)