Chrome will mark sites without an SSL certificate as insecure starting July 2018

As of July 2018, the Google Chrome web browser will display an 'insecure' warning to visitors of any site that does not have an SSL certificate configured. This means you should definitely make sure your website is using an SSL certificate by July.

This article gives you an overview of why this is happening and how to prepare your website.

Why is this happening?

Google has been making a push over the last few years to encourage website owners to protect their site and customer's data by using an SSL certificate.

When an SSL certificate is enabled, all traffic within the domain is encrypted. This ensures all communication of sensitive data (such as credit card information or passwords) is protected.

Are other browsers going to display the same warning?

At this time, only Google Chrome is set to display an insecure warning. However, it's likely that in the very near future, other browsers will follow this example and adopt the same policy.

Does it really matter if my site isn't handling sensitive information?

Yes. As of Feb 2018, the Chrome browser accounts for 77.9% percent of total browser traffic.

This means that most visitors to your site are probably using Chrome. Even if your site does not handle sensitive data (such as credit card information or passwords), your site will still be marked as 'insecure' by Google. Visitors to your site may be concerned about the warning and choose to avoid your site.

How do I prepare my site for this change?

To ensure your website traffic is not affected, it's highly recommended you add an SSL certificate. DreamHost recommends adding either a free 'Let's Encrypt' or paid 'Comodo' certificate.

A self-signed certificate is not recommended as it will still display a security warning in any browser.

Where can I learn more about this?

View the following links for further information:

Did this article answer your questions?

Article last updated PST.