This week I migrated the web site over to https. I opted for an extended validation certificate which means we get the shiny green box with “Net Assured Limited” in the browsers URL bar. The process to obtain an EV certificate is lengthy and in some cases can take weeks to be validated and certificate issued. You have to be patient and willing to jump through a few hoops to be be verified. In my case the time from requesting the certificate to validation and issuance was 3 days.
We do not sell products or store private information on our website so what prompted me to migrate to https?
- According to some articles I’ve read the Internet will be 80% encrypted within the next two years and I don’t want to be the odd one out. I’d prefer to be a pioneer and lead the way.
- Google is going to start favoring encrypted web sites over non encrypted sites from a search ranking perspective.
- I like the shiny green box in the url bar that you get with the extended validation certificate, I think it looks cool and inspires confidence to users of the site.
I also like the fact that users requesting content from my web site can’t have their session easily hijacked by service providers. HTTP is frequently hijacked with advertisements injected into the requests. using encryption helps prevent this except if the users session is man in the middled.
Given I work as a network security consultant I figured I should have my house in order 🙂