Commercial SSL certificates are changing

Starting later this month, (almost) everything we knew about SSL certificates is changing.

Keeping you safe online is a constant challenge, and the companies at the forefront of our web browsing experience, Google, Apple and Microsoft have all come together to drive one of the biggest shake-ups of the secure certificate industry around.

When you connect to a website, you will see a little padlock that tells you that the data that moves between you and the server is secure, or encrypted. It means that someone can’t see the contents of your web pages, or snoop on the data that is in your website.

The padlock also provides security that the website you are talking to has “proven” that they are who they say they are to someone else. We call these people Certificate Authorities. There are a number of ways that this can happen, including simple verifications that you own a domain name, through to extensive company verifications. (You’ll see a green bar with the company name if they have gone through this process).

Up until the end of this month, it was possible to buy certificates that were valid for up to 2 years. This was convenient for website owners and IT admins, who only had to worry about a new certificate once every 2 years. But from 1st September 2020, Google and Apple will no longer trust new certificates that are valid for more than 1 year. This change will help ensure the security of websites by forcing owners and system administrators to continually verify that they own a website, and also protect users – but it can create more work.

If you’re not sure how these changes impact you, you can chat to the team at Real World. We can help you implement a range of SSL solutions, including LetsEncrypt certificates, 1 year SSL certificates, or automated SSL subscriptions across your infrastructure.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.