In October 2016 at the CA/Browser Forum in Redmond, Washington, Google software engineer Ryan Sleevi announced Google’s move to make Certificate Transparency mandatory for Chrome web browsing.
What’s the big deal about HTTPS and Digital Certificates?
The Certificate Transparency is an open source framework by Google that monitors and audits domain certificates. How? If you’ve recently surfed the Internet on your Chrome browser, you’ve probably noticed an indicator next to a domain name. An indicator which looks like one of the following:
The symbol indicates if a website is safe to visit. Here is the explanation for each:
- Secure: The information you send to the site will be private.
- Info: The site isn’t using a private connection. Someone might be able to see the information you send through this site. Google suggests you don’t enter sensitive details, like passwords or credit cards.
- Not Secure or Dangerous: Google suggests you don’t enter any private or personal information on this page. If avoidable, don’t use this site.
Why does this happen?
HTTP is HyperText Transfer Protocol and the ‘S’ at the end of HTTPS stands for SSL (Secure Socket Layer). This digital certificate, if installed, activates a padlock and the HTTPS protocol which allows a secure connection from a web server to a browser. Without a digital certificate or a ‘HTTPS’ connection, Chrome will label the website as ‘Not Secure’.
Since January 2017, Chrome has already begun flagging websites as ‘Not secure’ and by October 2017, all websites will be required to adopt the Certificate Transparency standard.
What does an SSL certificate do?
An SSL certificate is a bit of code that secures sensitive information across different networks around the world. Even if your website does not request information like credit card details, SSL is still critical to your website.
Information is passed from computer to computer to get to the destination server. An computer within this network (between your computer and the destination server) will have access to passwords, account details, personal information etc. An SSL certificate encrypts that information so it is only read by the destination server.
What is encryption?
Encryption is a mathematical process of converting some data or information into a code with the intent to prevent unauthorised access.
A number of bits builds the size of the key. The bits can be 40-bit, 56-bit or 256-bit. Think of it as the combination number lock you’d use to secure your travel suitcase. A regular number lock has about 3 columns but imagine how much more secure it would be if it had say, 5 columns of numbers. Similarly with bits – the larger the key, the more possible the combination. A 128-bit encryption is one trillion times stronger than 40-bit encryption.
Can I install an SSL certificate on Shared Hosting?
To ensure your clients’ websites are marked safe, we strongly suggest installing SSL certificates on Shared Hosting.
From a technical point, yes In most of the cases, for the certificate installation to successfully work for your site, you’ll need a Dedicated IP address in that Shared hosting environment.
You can most definitely use an SSL certificate on your shared hosting plan but whether or not your provider allows it is something you need to find out.
A digital certification is a must to keep your website secure. It’s the standard security technology for an encrypted link between a server and a browser.