Many
of our readers not only invest
in domains as assets in their own
right but also develop
full-featured informational or
ecommerce websites on one or
more of their favorite names. For
those who do operate websites, Google
is planning to enact a major
change in July (yes this
July - 2018) that could cause your
site to lose a significant amount
of traffic if you have not
prepared for it.
As
most of you know Google's Chrome
browser is by far the one most
commonly used by web surfers. As of
this writing, Chrome's browser
market share was over
60% with Internet Explorer
and Firefox both far behind
at at about 12% each. When
Google releases Chrome version 68
in July
the company plans
to mark all websites that do
not have an SSL
certificate as Not
Secure. With an |
Above:
Current Chrome
browser address
bar with SSL certificate installed. |
SSL
certificate properly
installed a padlock icon
will appear next your
address in the browser bar
and an "s"
for secure is added to the
"http" part of
your URL. On Chrome, it adds
a Secure label as
well. This assures visitors
to your site that the
connection between their
browser and your website is encrypted,
protecting sensitive
information from prying
eyes. |
Below:
Starting in July 2018 if your web
address (and site pages) still
begins with http (the result
of not having an SSL certificate in
place)
Chrome will label your website Not
Secure in its address bar
which could keep a
significant number of your visitors
from proceeding to your site. A
couple of years ago only about 3%
of websites were encrypted but since
Google made it known it was heading
in this direction with Chrome there
has been a mad dash by site
owners to get their own
certificates in place. Over 50%
of sites are believed to have them
now. In the past they were a
necessity for e-commerce and
financial sites to assure visitors
their data would not be intercepted.
Now all kinds of sites will need to
have one in place to leverage
advanced mobile and browser features
and to avoid the not secure stigma.
The penalty for not acting is
expected to get even more severe in
the near future with full page
"not a secure site"
warnings coming up when surfers try
to reach an unencrypted site.
Michael
Ward
EVP, Strategic Partnerships
The SSL Store |
I
have to act on this myself
and it could have been a
problem for me as I had no
idea what was involved in
buying an SSL certificate,
what kind to buy (there are
several options) and how to
get it installed.
Fortunately, I had the perfect
contact to reach out to
and get my many questions
answered - answers I will
share with you in this
article. If
you have spent much time at
all in the domain
industry odds are you
already know who Michael
Ward is. Michael
entered the business the
same year I did (2002),
starting with Verisign
and proceeding through
executive positions at the Public
Interest Registry (the
administrator of .ORG domains),
domain monetization service Parked.com,
DNC Holdings (who
operates registrar
DirectNic) and Uniregistry.
As it happens, Michael most
recently took a position as
Executive Vice President,
Strategic
Partnerships,
for the world's largest distributor
of SSL certificates,
The
SSL Store. Better
yet, Ward and The SSL Store
are based in the same place
we are, Florida's Tampa
Bay area - specifically
downtown St. Petersburg
for The SSL |
Store,
who also maintains offices
in Ahmedabad, India
and Amsterdam, The
Netherlands. So, I took
advantage of having the
highest level of SSL
expertise in our backyard
and paid a visit to Michael
at The SSL Store where he
introduced me to Chief
Operating Officer Bill
Grueninger and Director
of Channel Operations Kyle
Grueninger. The four of
us retired to the company's
conference room where Bill,
Kyle and Michael gave me a
great introduction to the
basics of SSL certificates
and encryption. |
(Left
to right): Michael Ward,
Bill Grueninger, Company
Founder John Tuncer in photo
on wall, Kyle Grueninger.
SSL
reselling officially started in 2007
when serial entrepreneur and company
founder John Tuncer saw
an opportunity to satisfy a gap in
his own business and eventually the
entire SSL industry. Bill worked
with John previously in another
capacity on John’s own web
development/SEO service that
included building e-commerce
enabled websites. Those websites
required SSL certificates and they
decided as long as they had to have
them they might as well provide them
themselves. Tuncer and Grueninger
quickly became an SSL certificate
reseller and eventually a top
tier partner of RapidSSL
allowing them to immediately offer
clients one popular brand, great
service and support while
maintaining the lowest possible
pricing.
As
the SSL business grew Tuncer and
Grueninger knew to get to the next
level they needed a higher
level brand that would allow the
company to represent multiple
SSL brands and services.
The SSL Store gave them the
opportunity to do that. In one
place, The SSL Store offers all of
the leading SSL certificate brands
including giants Comodo and DigiCert
(formerly Symantec) as well as GeoTrust, Thawte, RapidSSL
and Certum. This product
lineup accounts for the majority of
the commercial SSL market.
SSL
Store COO Bill Grueninger at
work in his office in the
historic
Palais Royale building in
downtown St. Petersburg, Florida.
The
SSL store operates on several
levels. There is a retail channel
for individual website owners and a
reseller channel with over 8,000
resellers under them that is
their bread and butter. The latter
clients are hosting companies,
registrars, web designers, etc.
There is also a rapidly growing enterprise
channel in which they service
large companies that may operate
hundreds of different public and
private websites. The SSL Store
offers complete certificate
management solutions that
takes the management load off of the
client and makes sure they have the
appropriate certificate in place for
all of their sites.
When
I say "the appropriate certificate"
that refers to the many
different kinds that can
be purchased, with the right one for
your site depending on your specific
needs. The least expensive one is a Domain
Validated (DV) certificate which
will likely be all most of our
readers will need. They are popular
because they are fast and simple to
get - all you have to do is prove
you own the domain you wish to
secure - and inexpensive (as little
as $15 annually). The process
usually takes just a few minutes to
complete and you'll get industry
standard encryption and trust
indicators like HTTPS
and the padlock icon. Encryption
is coming and at the SSL Store
the writing in on the wall - literally
on the wall! Those letters and
numbers on the glass behind Michael
Ward and Kyle Grueninger are
the company's actual Certificate
Signing Request (CSR) - a block
of encoded text included in an SSL
certificate that includes
information like the organization
name, domain name, locality, and
country.
The
next step up are Organization
Validated (OV) certificates.
These certificates increase the
level of trust because they validate
that a domain belongs to a registered
business before being
issued. This process typically takes
a day to complete. The added benefit
of an OV certificate is a dynamic
site seal, which when
clicked on, displays
validated company information
to a visitor, along with HTTPS
and the padlock
icon. At
the top level are Extended
Validation (EV) certificates.
The main feature of EV certificates
is the green address bar
that displays the verified company
name in green next to the URL -
it’s the most universally trusted
symbol across the web. Websites
equipped with the green address bar
– like Apple, PayPal and Twitter –
are instantly recognized as a
legitimate, legal entity that’s
behind the website and can be
trusted with sensitive information
at glance. The business validation
process is a little more thorough
than OV, but can typically be
completed in a day or so, but it is
the highest level of trust for a
website and your brand. Director
of Channel Operations at work in his
office at The SSL Store. There
are several other kinds of special
use certificates, including Multi-Domain
(MD) and Wildcard
certificates. One Multi-Domain SSL
certificate can cover up to 250
total domains, depending on the
brand of certificate. Multi-Domain
certificates are an extremely
convenient option for businesses
that own a lot of different TLD
extensions and want to cover them
all with full 256-bit encryption
without having to purchase and
install separate SSLs for each one.
A Wildcard can protect all
subdomains with just one
certificate. Whatever kind you may
need The SSL Store offers it.
With
respect to installation, once
you buy your certificate it is
installed through your hosting
company. The SSL certificate comes
with files you can provide your host
to install (or those with some technical
expertise shouldn't have any trouble
installing them on their own). I
mentioned earlier that many hosting
companies resell SSL certificates.
So, you can order one through most
hosts and they will likely install
it for you at no additional cost but
you will pay dearly for the
convenience. I did a quick check at
my host and found the DV certificate
I can buy through The SSL Store for
$15 costs $75 for the same level of certificate
through my host. Since a quick
Google search returned instructions
for installing an SSL certificate
through CPanel, odds are you can do
it yourself. Of course, if you buy
through The SSL Store and run into
problems you can take advantage of
their Customer Experience
Department for around
the clock support. Just
one corner of the SSL Store's
Customer Experience Department where
SSL experts
are always on duty to answer
questions and solve any problems
that may arise. Regarding
cost, we also talked about a new development
- free SSL certificates.
These are being offered through Let's
Encrypt, a Google-backed
Certificate Authority. As always,
this is a case of "you get what
you pay for." Bill Grueninger
noted that Lets Encrypt offers basic
encryption only - none of the higher
trust levels like verified identity.
As a free service it is free to
anyone - bad actors as well as
good ones. Being encrypted
doesn't necessarily mean being safe
if you don't know who is behind the
site. Grueninger believes this could
make an already bad phishing problem
worse unless a way to keep the keep
the miscreants out is quickly
implemented. With
security issues front and center for
so many Internet users today your
SSL certificate is probably not
the best place to cut corners,
especially when there are so many
low cost options available from the
long established trusted companies
represented in The SSL Store's
offerings. For
us, being able to get SSL
certificate guidance from a
trusted domain industry veteran, Michael
Ward (at his SSL Store desk
above), will make it a lot easier
for us to make the right choice in
implementing encryption before
Google's Chrome update changes the
landscape in July.
|