Free SSL no good anymore??

Log in to reply
Davek0974

Davek0974

Free Member
Mar 7, 2008
2,633
312
Hertfordshire
  • #1
    I have ben using the SSL service offered free by my hosts for some time. Today i got an email saying that self-signed certificates were no good and i need to fix it.

    Now, in past experience - when google says something like this, what they really mean is "We will dramatically drop your site ranking until you obey"

    Anyone else get the warning??
     
    A

    arnydnxluk

  • #2
    Free SSL certificates issued by the likes of Let's Encrypt and Comodo are not equal to self-signed certificates, the latter won't be trusted by visitor's web browsers and therefore result in warnings. The website in your signature has a valid certificate from Let's Encrypt.

    What exactly did the warning from Google say? Has it referenced a specific domain you're using which only has a self-signed cert? If it's a generic message (i.e. not relating to a specific domain of yours), then you can ignore it assuming all of your domains are secured with certificates issued by Let's Encrypt.
     
    Upvote 0
    Davek0974

    Davek0974

    Free Member
    Mar 7, 2008
    2,633
    312
    Hertfordshire
  • #4
    Here we go, the email address appears genuine, just checked in my cPanel SSL page and all seems valid, current and set for auto-renewal. Very odd.

    Screen-Shot-2018-01-06-at-18.25.27.png
     
    Upvote 0
    A

    arnydnxluk

  • #6
    It's possible the email is based on out of date information, perhaps from a previous crawl. I did notice your certificate was only issued on the 4th of January, although this could be a coincidence if your certificate happened to have been renewed on the 4th. In any case you can ignore Google's email - the domain is now using a trusted certificate.
     
    • Like
    Reactions: Davek0974
    Upvote 0
    karmacomputing

    karmacomputing

    Free Member
    Jan 2, 2018
    23
    4
  • #8
    Right now, your domain (ddmetalproducts.co.uk) is signed by Let's Encrypt on 4th January 2018 , expires on 4th April 2018.

    If you'd like to, and you're using Google Chrome you can see this information yourself by opening Developer Tools (Ctrl+Shift+i) or Menu->More Tools->Developer tools, then click the 'security' tab to view your current certificate.

    Why 4th April 2018? This is because Let's Encrypt issues 90 day certificate lifespans, this is a conscious decision to promote automation and reduce risk (see "Pros and cons of 90-day certificate lifetimes" thread on their forum).

    So who's automating your certificate?
    krystal.co.uk looks to be your webhost, and they are probably automating this for you. So kudos you don't really need to worry!

    Note @simonswords.9902 has created a tool to monitor expiration of your urls so you can get reminders
     
    • Like
    Reactions: Davek0974
    Upvote 0
    K

    Karimbo

    Free Member
    • Nov 5, 2011
    2,697
    1
    353
  • #13
    A couple of my shared hosting providers have implemented https.

    Seems to be working fine. I remmeber it was a right PITA to pay for a dedicated IP and then a certificate to get https working before.

    So it's puzzling how the web hosts are suddenly able to give you all that for free. One shared hosting provider charged £50 p.a for a dedicated IP on top of anything you already paid.

    Just curious if anyone else has experienced a SERP boost after implementing HTTPS
     
    Upvote 0
    Log in to reply

    Latest Articles

    Join UK Business Forums for free business advice
    Top Bottom
    Community
    Articles
    Menu