Why your website needs an SSL certificate

Development / 02.10.18
Mark Vaesen

In July 2018 Google released a new update to its browser, Google Chrome, that included an interesting change to their search engine results pages (SERPs). It made an SSL Certificate a must-have.

In their aim to help facilitate a safer, more secure browsing experience for users, they started marking websites that have already taken proper security measures as ‘secure’.

You might have noticed this already – any website address that starts with HTTPS has this displayed in green letters in the address bar, as well as having a padlock icon placed next to it.

This is an indicator that the website has had an SSL certificate installed.

On the flip side, however, websites that do not have an SSL certificate are now being flagged on search as ‘not secure’.

It’s a reasonable assumption that if your company website is showing as ‘not secure’, any potential visitors might be put off visiting that site when it is displayed on SERPs.

If the choice was between your ‘not secure’ website and a ‘secure’ competitor website, which is sending the more trustworthy signal?

What is an SSL certificate and what does it do?

An SSL (secure socket layer) certificate is a small file that authenticates the website it is installed on and creates a secure link between itself and the browser of a website visitor.

With an SSL certificate installed, any data sent to the website is encrypted, with only the recipient able to access it.

Let’s say you want to pass a note to your friend across the classroom.

Normally, you would pass the note from one person to the other until it reaches its destination.

The problem is that anyone along that line who gets the note can open it up and read the information inside it!

An SSL certificate is to make sure the contents of the note don’t get read by anyone that’s not supposed to read it. It’s the equivalent of putting your note in a locked box, and you’ve given your friend the key ahead of time.

They are the only one who can see what’s in the box, as they have the key (the SSL certificate). It can therefore be passed down the line and you can be safe in the knowledge that only they can access it.

If anyone tries to read the note and they don’t have the key, all they’ll see is garbled (encrypted) data, which will most likely just look like random characters. It’s like they took the box and just tried smashing it on the floor, but it ripped the note apart in the process.

Does my website actually need an SSL certificate?

If you’re collecting any sort of information from customers – either an email subscription form, a contact form with their name and phone number, or taking online payments – it’s a very smart move to have an SSL certificate installed.

With GDPR having been implemented earlier in 2018 and big stories such as the Facebook and Cambridge Analytica scandal hitting the headlines, members of the public have become much more aware about where and how they put their personal information on the internet.

By showing that your business has taken the proper measures by installing an SSL certificate on your website, you can be sure to position yourself as a trustworthy and responsible brand.


In 2014 Google stated that they were to start taking into consideration SSL certificates as a ranking factor for their search results.

And, while it’s not the strongest of ranking factors, it might not remain that way forever.

As Google states themselves, “over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.”

How do I get an SSL certificate installed?

The addition of an SSL certificate to a website should be done by a trusted and technically proficient person.

You will need to be able to carry out the installation, set up the infrastructure, validate your identity, and conduct a spot-check for any issues that might occur during the process.

As well as this, you will then have to redirect each page of your website from the older (HTTP) version to the newer (HTTPS) version – otherwise anyone visiting your website will be met with a missing page!

However – if this all sounds like too much effort (or far too complicated for you to do yourself), you could get in touch with Tomango and let us help.