Google Sending Messages To Webmasters For SSL/TLS Certificate Not Matching

Google starts notifying webmasters of broken SSL/TLS certificates. Will this lead to a stricter HTTPS ranking factor?

google-https1-ss-1920-800x450

Google is now sending some webmasters notifications when their SSL/TLS certificates do not match their domain names. The new notification was first spotted by@MediaWyse.

It had the subject, “SSL/TLS certificate does not include domain name,” with the message:

Google has detected that the current SSL/TLS certificate used on [domain] does not include [domain] domain name. This means that your web site is not perceived as secure by some browsers. As a result, many web browsers will block users accessing your site by displaying a security warning message. This is done to protect users browsing behavior from being intercepted by a third party, which can happen on sites that are not secure.

I’d expect to see more flavors of these SSL/TLS warnings from Google and for Google to become stricter about the ranking boost for HTTPS sites.google-ssl-tls-search-console-warning-1447245727

Currently, HTTPS errors don’t affect whether the site gets an HTTPS ranking boost, even if it isn’t valid; if it is on an HTTPS URL, it would get the boost. But these notifications show two things: (1) Google wants to notify webmasters when there are issues with their SSL/TLS certificates; and (2) Google is aware of it. Meaning, I’d suspect, that in the future, Google will update their HTTPS algorithm to not give the ranking boost for pages that have SSL/TLS issues.

Here is a screen shot of the notification:

Leave a Reply