Today, the latest update to Google’s Chrome browser, (Version 68), racks up the pressure on website owners to implement TLS/SSL encryption by default. Any website which does not will now display a ‘Not Secure’ warning. http is no longer acceptable.

Google and others have stated categorically that protecting all users of the internet by enforcing secure communications between users and publishers of web sites by default is one of the most important ways to improve the reliability and integrity of the web in general.

The use of digital certificates by web sites is therefore seen as a must, and encouragingly, the figures for the % of traffic using HTTPS is growing at a steady rate. You can view Google’s latest figures in their Transparency Report.

Google Chrome Update 68: Is Your Website Secure?

The changes that Google have made to Chrome over the past few releases have been to highlight whether or not the site being browsed is using SSL encryption, and if there are problems or issues with the encryption or the certificate(s) used to implement it. (recall the SHA-1 issue last year).

With this new version, 68.0.xx, when encountering a site that doesn’t use HTTPS but remains with HTTP (i.e. not encrypted), it will display an unambiguous warning in the address bar, clearly stating that the site is not secure.

Google Chrome Update 68: Is Your Website Secure?

The use of digital certificates by all web sites must now seen as mandatory. Website owners and publishers should implement SSL/HTTPS encryption on all of their websites now.

Managing SSL Certificates

If you’re an organisation with multiple websites, managing your SSL certificates can seem like an impossible task which is why we have researched all available solutions to make this as easy as possible for you. AppViewX Cert+ is literally a one-stop solution for automated discovery, expiry alerting, renewal, provisioning and revoking of SSL/TLS certificates. Please take a look at the solution, but if you’d like any advice or information regarding SSL and encryption best practices, or you would like to know more about certificate and key management for web sites & secure email, please don’t hesitate to get in touch.