Server Encryption Security Certificate Info

Server security certificates encrypt data between an internet website (including blogs) and the client's browser so that private data such as credit card transactions, employment applications and personal data such as membership login details can be exchanged between the two parties without the data being seen by others.

Weak Encryption Warning from FireFox

Server encryption security certificates are often referred to as an SSL certificate, although the SSL (Secure Socket Layer) encryption standard has become old and now most modern encryption is done using the new TLS encryption standard, and those still using older encryption methods may well generate a warning such as the example posted above.

However, even though modern security encryption uses TLS encryption, these security certificates are often referred to as SSL certificates,

This is important to note, because Moxilla FireFox web browser reports security issues with server certificates (such as found at Google's Gmail) in order to help users stay secure. That is a pretty big deal because Mozilla is gaining a great deal of support now that their 64 bit version of the FireFox web browser is so dynamite fast and since the company filed as a for profit corporation for public good. Google, on the other hand is merely an advertising platform that enables more spam and scammers without much control of how it hurts users, because its customer base is so overwhelming. Everything it sells or gives away is to offer a platform for its advertising platform, AdWords, which doesn't pre-approve the ads it shows (too many), and hence spammers and scammers are allowed to run. Still nice to get stuff for free or low cost, but it's a double edge sword.

As of as of July 1st, 2018, however, the Google Chrome web browser reports any website without an active server security certificate for each page the user visits by displaying a big red alert in the browser web address bar. Even if your website doesn't offer ecommerce, a member or administrattion login facility, even if it doesn't even have a feedback form, your website is going to look out-of-sorts against all the other websites on the web that are conforming to this new required server certificate policy standard that Google is, positively, forcing us to accept in order to keep the dark web and malicious hackers from being able to see transactions between a user and website, because the encrytion certificate makes it nearly impossible to see the data, whereas a non-encrypted connection is completely readable by anyone.

Yes, Google & Mozilla is forcing us to do this, and yes, it is long overdue. Part of the reason the dark web exists is that we make it easy, we have been vulnerable (as well as gullible). So, you absolutely must get a encrypted server certificate, or "SSL certificate", just to keep your website or blog credibility and maintain your brand.

No Encryption Security Certificate on this Server for this Domain/SubDomain Error Message

Quite honestly, even if someone knows what they are doing and is security aware, that red 'broken' or red 'slashed' padlock by the web address is going to get annoying, even to someone who knows a website is just offering information to the general public. What's even more interesting is that there doesn't seem to be a way to "whitelist" poor security certificates, at least not in Mozilla, anymore.

On the other hand, perhaps you have not enabled a feedback form on your website or blog merely because you haven't get a server security certificate for it? So making this happen will allow bloggers, site owners, admins and webmasters to take their web experience to the next level, too.

Server certificates actually do more than simply enable e-Commerce on the web.  SSL server cerificates hide passwords for logins, encrypts feedback forms so that even if a user sends private info, it is safe. Certainly, you still have to be careful who you buy from online, as you do in the real world, but the internet has created a revolution in the way people shop.

So, your website needs an SSL, or TLS, server certificate. Even bloggers have to make sure their blog is encrypted. The good news is that there are plenty of free options. Most likely, any blog (Blogger,, Tumblr, Medium, etc..) is already sharing their server certificate with you. You will have to check, though, if you are using a custom domain name, that they are offering a secure connection to that, as well. Most blog providers are extending their wildcard server certificates to users that use custom domain names, if they support it.

However, if you have setup a domain name on your own hosting, you will need to make sure that each domain you are hosting in the account is protected with a TLS or SSL server certificate. These can also be had for free.

Normally, the server certificate was customized for which ever server platform you are using for hosting (each has its own standard for the Cert), as well as having the domain name and contact info verified. This usually involved contacting the business or professional requesting the security certificate purchased, and then installing the server certificate on that domain in question, either by the host automatically, or according to the instructions given.

Purchasing an SSL or TLS encryption server certificate is still a good idea, and in fact a necessity for most companies and some professionals that rely on the integrity of the verification process. It is crucial and expected for high profile brands. These commercial server certificates go a long way in protecting and engancing a brand and/or reputation.

But there are some of us that have multiple domains and try to develop these into businesses, others for resale as premium brand name domains, and many do both. I personally have a wide variety of interests, and I design fonts, logos, brands, websites, user experiences, develop hosting options and partner with technology companies to resell their services with my marketing expertise. So, I not only have a site setup for each strength, I also have smaller websites offering my help and illustrating common sense when using some of my services.

With over 100 active domain names and at least 40 or so developed websites, I would go bankrupt if I had to pay for a server certificate for each and every one of them. I do use Blogger and Tumbler for some of them, but as a designer I am trying to showcase my work. As a web host, I am trying to demo my services.

And as a reselling web host many times over, I am happy to tell you that there are many good free options. Let's Encrypt offers free 3 month server security certificates, and I offer them at many of my web hosts. Another free option is Cloudflare, which provides a lot of cool free security services as an extension of its own web hosting network.

The Hosted Domains Management Page in HD Web Hosting Offers a Free Let's Encrypt Cert by Clicking the Setup "Gear" Icon for Each Domain as long as the Domain Name Servers are Correct

Free TLS (aka "SSL") encrytion certificates can be had at the following web hosts as a part of their "hosted domains" setup control panel. The Let's Encrypt requires that your domain name be set to the right name servers, and then is automatically applied and automatically renewed every 3 months without user interaction. You just have to set it up (when you setup the domain for hosting in your account, or afterwards by clicking on the settings gear icon).

Free Let's Encrypt server certificate setup with hosted domain (in alphabetical order):

Also, if you need to purchase a commercial Comodo encrytion server cert, you can get that there, as well.

If you have hosting that doesn't support free server encryption certificates, you can still get them from Let's Encrypt or Cloudfare:

The catch is that the free certs renew much more quickly, and without a host supporting automatic renewals such as the ones listed above, that will require a few clicks from you every few months.

I have other web hosting options as well, they don't offer free server certificates, but you can always purchase a premium encryption certificate there which will require some interaction through the verification process:

These will even accommodate your in-house web servers, though you would have to install these certificates yourself if you aren't using the vendor's own hosting or server platform solution offered.

Nevertheless, no matter your choice, just make sure to have or install an active encryption security server certificate on each of your hosted domains, whether a blog or site, e-commerce or not, every single page on the web needs to be secured, now.

Get it done.

Green Padlock means Site Secure!

Take care! -DP




Copyright MMXII, all rights reserved worldwide. This document is 100% original and quoting or re-use of any of its material without proper citation referencing this document at this web address will constitute infringement of Copyright and therefore be subject to lawful recourse.