SSL Connection: Changing from HTTP to HTTPS

The latest question on the minds of internet marketers and search engine optimization companies is what to do about SSL.  SSL stands for “secure sockets layer”, and it’s the basis behind “https” website connections.  There have been many articles published about the SEO benefits of switching over to a secure connection, but many companies still haven’t implemented it because it often involves redirection.  And if done incorrectly, 301 redirects can ruin a website’s rankings overnight. This post will cover everything about https – what it is, how it works, and why you should start using it immediately, but will not cover the SEO impact.  To learn more about the effect of SSL and HTTPS on SEO, we recommend visiting

What’s the Difference Between HTTP & HTTPS?

HTTP stands for HyperText Transfer Protocol.  HTTPS is simply a secure version of the same thing.  When computers use HTTPS, they agree on a digital code that they scramble before sending data and unscramble when it’s received.  SSL and it’s latest upgrade, known as Transport Layer Security (TLS), encrypt information so it can be sent over a network securely.  Encrypted communication is primarily used to protect confidential transactions, such as banking and online shopping.

What is the Point of HTTPS?

HTTPS serves two purposes:

First, it verifies that you are communicating with the correct server.  Without this, you could be tricked into sending your confidential data somewhere else, possibly without you even knowing.

Second, it protects all information that’s transmitted.  So, only the intended server can read what you sent, and only you can read anything it sends back.  Even if someone intercepts the messages being sent, they won’t be able to read the data.

How is the SSL Connection Established?

First, the client sends the initial message to the target server.  This message includes one or more ciphers and the highest SSL version supported by the client.  The server responds with similar information and automatically decides on the best SSL version to use, taking into account the client’s preferences.

Second, with the connection established, the server must provide its identity to the client.  To do this, the server sends over an SSL certificate with information about the owner of the server, the domain name its related to, the date of the certificate, the digital signature, and other related information.  The client receives the certificate and checks it for validity with the help of a Certificate of Authority.  This all happens in seconds as the data is transmitted between the servers.

Next, the message itself is encrypted and sent over the network to the target server with the help of a symmetric algorithm; these use a single key to encrypt and decrypt transmitted files.  The single key that’s used in the transaction is what was agreed upon during the initial message.  Now, the relationship between the client and the server is established, so it’s smooth sailing.  Information can be sent back and forth securely.  And, in the event that someone is able to intercept the message, they won’t be able to read of change any of its contents.

Why Do I Need HTTPS?

With countless websites and companies being hacked daily, it’s become ever-more important to secure your data and ensure that your company and customers are protected.  Google announced recently that it’s Chrome software would soon point out whether or not websites were secure, which could have a huge impact on traffic.  Imagine going to a website and seeing a banner that the website may not be safe.  This will likely cause consumers to exit the site and go elsewhere, which will hurt SEO and as a result, hurt the companies who haven’t changed their websites to support HTTPS.  There are a number of free and paid SSL solutions that can be found with a quick search.  Cloudflare is one example that’s free to start with.  We highly recommend looking into this sooner rather than later for the sake of your customers and your bottom line.