Scare customers with expired SSL certificates

Expired SSL Certificate

Search Engine Land wrote about different ways in which we inadvertently harm our websites and online businesses. Particularly relevant, is how expired SSL certificates can scare away customers:

If you're a small business conducting ecommerce, you're probably familiar with Secure Sockets Layer (SSL) Certificates. These certificates enable encryption of sensitive information during online transactions. When the certificate is up to date the technology protects your web site and lets customers know they can trust you. Sadly, many times the person who originally set up the certificate moves on. Because their email no longer works, the renewal notices fall to the side. So you plod along unaware of the lurking danger. Sales plummet and no one can determine why.

Finally, someone notices the "scary security messages" that appear when someone starts the checkout process. If you're lucky, a customer will call and tell you about the problem. If you're smart, you'll have an employee periodically verify that your checkout process and SSL certificate are working properly.

To check your SSL certificate, visit a secure page on your site then double click on the padlock icon in the bottom right corner of your browser. A window will pop up showing the SSL certification details including the expiration date. If the certificate is set to expire in less than 2-3 weeks, you should begin working with your IT department or ISP to get the certificate renewed.

IT Managers can also try to order SSL certificates at the same time so that the expiration is always expected, or, more practically, sign up for SSL certificates using a general email address so that the renewal notices are seen. If you have an expired certificate, you can compare SSL certificates in our certificate wizard to find a new certificate to renew it with. It's certainly not good for business but remember that you aren't the only one who forgets to renew SSL certificates.

When Ignorance Isn't Bliss: What You Don't Know About Your Web Site Can Hurt You - [Search Engine Land]

Expired SSL Certificate in Firefox 3

 Digg  Reddit

Posted on July 19, 2007
Posts: 1
Re: Expired SSL Certificates
Reply #2 on : Mon July 12, 2010, 19:38:36
Hi Gorro,

An expired SSL certificate can still enable encryption if you manually accept it. You simply can't put as much trust in it.
Posts: 1
Expired SSL Certificates
Reply #1 on : Mon July 12, 2010, 15:39:58

If a SSL certificate has expired, does it not offer any security or encryption of data?

Write a comment

If you have trouble reading the code, click on the code itself to generate a new random code.
Security Code:
Post Comment