How to switch to HTTPS and what is the importance of the SSL certificate to keep track of?

HTTPS (Hypertext Transfer Protocol Secure) is a protocol developed by Google to increase the security of sites where there are some types of transactions. Login, bank transfers, payments in different ways.

Through HTTPS, your data is protected on the site by a protection shortened as TransportLayer Security ( TLS  ) protection in three layers.

1. encryption
2. Data protection
3. authentication

When you enable this on your site, ask for approved certificate providers. In order to enable HTTPS correctly, you should get a personal certificate that applies only to your site.

This should be considered when selecting the type of website certificate. You'll have the latest.

• The certificate should support 2048 bits.
• The Certification Authority shall provide technical support

Then select the correct alignment of the certificate. There are three different to choose from.

1. Joker Certificate. If you have many dynamic subdomains that look like this, for example, example.example.com, etc.
2. More Domain Certificate. When you have several well-known safe sources. www.example.se, cdn.example.se, example.se.
3. Single certificate. Once you know you will only have a domain.

Google is different from HTTP and HTTPS. For them there are two completely different websites. This means that all HTTP pages must be redirected to the HTTPS pages by 301.

Make sure that the server where you have your site also supports HSTS and that it is enabled. This means that if people type HTTP, they are directed to your HTTPS page automatically.

List any problems to keep track of and make sure they work properly

• The certificate has not expired. It should be renewed on a regular basis.
• If your domain is set correctly, it will only appear with or without www before domain name, not both and. Make sure that the certificate is issued with the same.
• Make sure SNI is supported by the web server. SNI stands for Server Name Indication. Is an extension of TLS. Briefly explained TLS helps the server create a virtual right domain that was first approved by TLS before information appears in the site visitor's browser.
• The robot file must not block crawling of the HTTPS pages.
• Avoid meta tag noindex as far as possible so Google can search engine index your site.
• Make sure that the web server uses the latest updated versions of the TLS libraries.
• Do not mix security elements. Only have HTTPS content on HTTPS pages.
• The content of HTTP and the mirrored HTTPS website should be the same.
• While directing and displaying their pages via HTTPS, the HTTP pages will continue to display the correct server messages like 200 for ok and 404 for missing pages or 410 for completely deleted pages.

Do you have an existing website that you want to migrate to HTTPS from HTTP?