As one of the leading digital marketing companies with a track record of more than 13 years in the business, we have helped hundreds of clients establish their business and become successful through our well engineered digital strategies. We have been successful in building future-proof digital solutions for our clients for more than a decade. But one change that came up unexpectedly in last few years is the “Non-secure” warning from Google for the websites that don’t use SSL certificates on their websites.
It may be shocking for the website owners to see the “Not secure” warning on their websites when they browse through the Chrome browser. But was it a surprise to the digital marketers and web designers? Not really. While it is a big concern to see the “Not secure” warning when someone visits your website, Google didn’t do it as a surprise. For the last 2 years, Google has been notifying us that they prefer a secure web. They started with an announcement that the more secure websites will start getting a ranking boost on search results. That was a strong indication that something serious is coming up. Then Google made the announcement that websites without SSL may start seeing the reduced ranking for their websites.
And finally the big announcement came from Google – starting from July 1, 2018, websites with SSL will see the “Not secure warning on Google Chrome browser. As of July 1, 2018, hundreds of thousands of websites still exist without SSL and they won’t work if tried to access with the HTTPS protocol. And on July 1, thousands of webmasters became panic and started looking for free SSL.
Being a leading digital marketing company in UAE and in India, SpiderWorks has worked with a lot of business owners and webmasters to make their websites rank high on search engines. We encouraged all of our customers to enable SSL on their website to make their website more secure and more importantly, comply with Google’s directive to follow their changed guidelines for better ranking.
Some of our customers were not willing to spend money for an SSL certificate. In case of some of our SEO customers, we took initiative and setup SSL on our own cost to ensure their rankings are not affected due to the requirement from Google. This is a proactive step we took as a responsible SEO company to make sure our clients’ ranking is not affected due to the SSL certificate requirements.
While we helped our existing clients to enable SSL on their websites, we receive a lot of queries asking for free SSL certificates. Even though the free SSL certificates are not the best option for serious business websites like e-commerce websites, it will work just fine for small informational websites and blogs which want nothing but avoid the “Not secure” warning from Google Chrome. So, we did some research on the free SSL certificate providers and have come up with this comprehensive list of free SSL certificates available in the market, Before I even talk about the free SSL certificates, let us take a quick look at the limitations of free SSL on search engine ranking (SEO) and other security aspects.
Technically, any certificate is valid. It doesn’t matter whether it is free or not. The price of an SSL certificate is not written on it. As long as it is a qualified and valid certificate, it just works fine like a paid certificate. In that perspective, if your goal is to get rid of the “Not secure” warning for your website on Google Chrome, then the free SSL certificate will work just fine.
The primary limitation of a free SSL certificate is on its management part. What is the procedure involved in getting the free SSL certificate? Are they going to continue this free service? Are there any associated “catches” for giving away this free of cost to you?
Before you choose a free certificate, you must look into the business plan of the certificate provider. Think why they are giving away free certificates. There definitely is a cost involved in providing SSL certificates and if someone is providing it free of cost, there must be some business plan behind it. Are they offering it free of cost just to reach out to a large customer base expecting to convert some of them as paid customers in future? that sounds just fine. As long as you are assured that their free SSL will continue to work, there is nothing to worry. You need to upgrade to their paid plans only if you wish to. But are they asking for your credit card before you get the free SSL? Then you must read their terms and conditions. Does the fine print say somewhere that you will be automatically upgraded to a paid plan after some period? Read carefully and make sure you are not trapped.
The key factor that you need to consider while choosing a certificate is, the trust level of the certificate issuing authority. Do all major browsers trust the certificate issued by your free SSL certificate issuing company? If not, then your SSL certificate is as good as not having a certificate. The primary purpose of an SSL certificate is to show that your website is a trusted and secure website. But if the browsers do not accept your SSL certificate as a sign of trust, then it doesn’t serve many purposes, even if it does the basic function of encrypting your pages. In the year 2016, Google made a public announcement that their Chrome browser no longer trusts the certificates issued by WoSign and StartCom. Also, in 2017, Google announced that they will start distrusting certificates issued by Semantec and their brands like Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL.
The free SSL certificates also come with other limitations like reduced speed for your website, low validity period etc. Some free certificates may even have a very low validity period like 90 days, which will make your administrative efforts to renew your certificate become a headache for you.
So, the primary purpose of this article was to give a list of free SSL certificates available in the context of new “Not secure” warning on Google Chrome for the websites that do not use HTTS protocol to serve their web pages. I have spent a good amount of time search for the free SSL certificate for our clients.
If you are looking for SSL certificate setup for your website and improve the ranking on Google, SpiderWorks can help you. We have been in the digital marketing business for more than a decade and have a strong experience in SEO and organic traffic generation. If you are looking for SEO services, we are here to help. With an office in UAE and our technical team located in India, we can help customers anywhere in the work. We can provide hundreds of testimonials from our happy clients across the globe.
So, here is the list of free SSL certificate providers. Please note that this is not a complete list and we are regularly updating this list as we find more providers.
This is a very popular name among the webmasters for their free certificates. They have been in the industry for quite a long time and have been issuing free certificates to thousands of websites. The “Let’s Encrypt” free certificate is brought to you by a non-profit organisation based out of California called ” Internet Security Research Group”. In 2017, they reported that serve 61 million unique domains and they expect to reach 90 million in 2018 due to the increasing adoption rate for SSL, thanks to the “Not secure” warning issued by Google Chrome browser. “Let’s Encrypt” is a strongly recommended option for those who are looking for free certificates for their websites.
1. Short validity: It expires in 90 days. You have to reinstall the SSL every 90 days, which makes it a headache unless you don’t much of other work to do!
2. No Extended Validation: They do only Domain level Validation (DV) and there is no Extended Validation (EV). They don’t validate the authority of the website and hence the certificate itself offers only the basic level of trust.
3. No Wildcard support: There is no multiple sub-domain support. You will need to get a wildcard SSL certificate to make your subdomains secure.
4. No technical support: Being free service, they don’t offer any technical support or assistance for the free certificate users.
Cloudflare is a popular free CDN provider and has been serving a huge customer base for years. The Cloudflare Universal SSL certificate is an absolutely free SSL certificate that can be used for websites using the Cloudflare services. But there is a big catch here. You can use the free Cloudflare SSL certificate on your site only if you change your nameservers to use the Cloudflare nameservers. It is quite easy to setup and deploy the free SSL certificate with the Cloudflare. Their automated system will issue and deploy the certificate with just a couple of configuration changes.
Cloudflare’s free SSL option has some browser and operating system limitations because of its use of Server Name Indication. This means, if you get a lot of visitors who use legacy browsers, then they might get issues with the free SSL from Cloudflare and you must need to upgrade to a paid SSL plan from Cloudflare to avoid such errors.
One of the advantages of Cloudflare SSL is, you don’t have to install any certificates on your server. The certificates are on the Cloudflare and it encrypts the data only between the Cloudflare server and the user’s browser. The data between your server and Cloudflare is not protected with the SSL, which may be a concern for critical websites like e-commerce websites which involve credit card transactions. For normal blogs and informational websites, the free SSL from Cloudflare will do the job.
For normal blogs and websites, the biggest disadvantage of Cloudflare SSL is its lack of support for legacy browsers and operating systems.
Did I miss any reliable free SSL providers? Let’s know by posting a comment below and we will be happy to update our list.