Google is cracking down on sites that are not using an SSL registered in a public Certificate Transparency (CT) log. What this means is that anyone visiting your site’s website will be presented with a full-page warning.
Google’s Devon O’Brien had made note of this in a February Google Groups posting. In his posting he wrote, “All TLS server certificates issued after April 30, 2018 [must] be compliant with the Chromium CT Policy.”
HTTPS will become the new default as browsers across the spectrum start issuing warnings about HTTP sites that are “not secure”.
With that in mind, it only makes sense that Google would also be ramping up pressure on its mobile platform, especially considering that more people now use mobile devices than desktop computers. And with the majority of the apps on these mobile platforms making online connections, it only makes sense that Google would want those connections to be made securely.
This is a continued course that Google has been heading down for the past few years. Later this year, summer 2018, anyone using an Android based smart phone, by default, will block non-secure HTTP connections. Users will be able to allow or forbid HTTP connections on a per-domain basis, or even at the app level.
In addition to requiring apps make encrypted connections by default, Google will also be stepping up other safeguards with Android P. Namely by restricting apps’ access to other features like the phone’s camera, microphone, etc.
Where to buy
SSl’s are the way to show the public your site is secure, and your business is serious about keeping the customers data secure. At Cherry Host we feel that security is paramount with a near obsession to keep unruly characters out. Remember that even if you don’t get an SSL from us, you will need one regardless. Web pages not served via HTTPS will be marked ‘not secure’ in Google Chrome and other browsers. Don’t let your site be one of them and cost you revenue.