Wednesday, November 11, 2015

Google Sending Messages To Webmasters For SSL/TLS Certificate Not Matching

google-https1-ss-1920

Google is now sending some webmasters notifications when their SSL/TLS certificate does not match their domain name. The new notification was first spotted by @MediaWyse.

It had the subject, “SSL/TLS certificate does not include domain name,” with the message:

Google has detected that the current SSL/TLS certificate used on [domain] does not include [domain] domain name. This means that your web site is not perceived as secure by some browsers. As a result, many web browsers will block users accessing your site by displaying a security warning message. This is done to protect users browsing behavior from being intercepted by a third party, which can happen on sites that are not secure.

I’d expect to see more flavors of these SSL/TLS warnings from Google and eventually it lead to Google becoming stricter about the ranking boost for HTTPS sites. Because currently, HTTPS errors don’t impact if the site gets an HTTPS ranking boost, even if it isn’t valid, if it is on an HTTPS URL, it would get the boost. But these notifications show two things (1) Google wants to notify webmasters when there are issues with their SSL/TLS certificates and (2) that Google is aware of it. Meaning, I’d suspect in the future, Google will update their HTTPS algorithm to not give the ranking boost for pages that have SSL/TLS issues.

Here is a screen shot of the notification:

google-ssl-tls-search-console-warning-1447245727

Zineb from Google did confirm Google is sending these notifications saying “we are now letting users know about issues with their TLS certs.”

The post Google Sending Messages To Webmasters For SSL/TLS Certificate Not Matching appeared first on Search Engine Land.

No comments:

Post a Comment