How can I recognize a valid SSL certificate - SISTRIX Login Free trialSISTRIX BlogFree ToolsAsk SISTRIXTutorialsWorkshopsAcademy Home / Ask SISTRIX / Google updates and algorithm changes – complete list / HTTPS Ranking Factor Update / How can I recognize a valid SSL certificate

How can I recognize a valid SSL certificate

Every modern web browser shows the use of encrypted HTTPS connections in the address bar and indicates if the website’s SSL certificate is not valid.ContentsContentsPay attention to the address bar of your web browserExample of invalid SSL certificates in the Chrome web browserAttention Why a valid SSL certificate is importantThe pitfalls of SSL certificates - why they may not validateVideo explanation What is SSL Additional information on the subject

Pay attention to the address bar of your web browser

The following screenshot shows the Internet Explorer while accessing two different banking websites:Requesting the first domain, santander.co.uk, the user arrives at the URL http://www.santander.co.uk/uk/index – an unencrypted connection.Requesting the second domain, db.com, the user arrives at the URL https://www.db.com/index_e.htm – an encrypted connection.

Example of invalid SSL certificates in the Chrome web browser

For both of the domains in the following screenshot the SSL-certificate is not valid and the web browser Chrome indicates this as follows: Two invalidvalid SSL certificatesWhy are both SSL certificates invalid and therefore create an unencrypted connection?Marked in red: a self-signed SSL certificate whose identity cannot be confirmed.Marked in yellow: An SSL certificate issued by a CA (Certification Authority) whose identity is confirmed. Although not all resources are loaded over the encrypted connection, which means that a potential security risk exists and the web browser does not validate the certificate.

Attention Why a valid SSL certificate is important

By using an SSL certificate you are able to establish encrypted HTTPS connections. This is only secure if the SSL certificate in use validates 100% of the website. Without encryption, all data send and received by your website can be accessed in full on its way through the Internet and third parties are even able change the data in transit. Additionally, while not as important as the above, HTTPS is a ranking factor for Google. In case of an invalid certificate, you will not receive a ranking-boost for your website. With the free certificate check from globalsign.ssllabs.com, you are able to gain additional insights into a domain’s SSL certificate. Example of a trustworthy certificate: Trustworthy SSL CertificateExample of an untrustworthy certificate: Untrustworthy SSL Certificate

The pitfalls of SSL certificates – why they may not validate

The following circumstances may cause a web browser to not validate an SSL certificate and consider it to be untrustworthy:Self-signed certificateNo known root certificate (not recognised Certification Authority (CA))The certificate is expiredThe accessed domain does not match the valid range of the domain registered in the certificateThe website contains unencrypted resources, which are, for example, loaded by third party websites without HTTPS supportThe support for the server name indication (SNI) is missing in the certificateOld protocol version due to the use of an old version of OpenSSL. Always use the newest TLS library!SSL v2 is unsafe and should not be used SSL v3 and TLS v1.0 are wide-spread, although their security is being challenged TLS v1.1 and v1.2 are the newest, safest standards The key length is less than 2048 bit

Video explanation What is SSL

This video explains the basics on SSL, which are good to know, and how encryption works.

Additional information on the subject

SSL/TLS Deployment Best Practices: PDFSSL server check with the SSL-Labs test from Qualys From: SISTRIX Team 08.11.2021 HTTPS Ranking Factor Update How can I recognize a valid SSL certificate Back to overview German English Spanish Italian French