We all know how important SSL is, and in the slew of security how-to posts, SSL is never missing from the list of musts for your security system. But what if you’re an individual managing your own ecommerce site, or a small company without a dedicated IT-manager? You’ll probably have to figure out the process of obtaining an SSL certificate by yourself. Believe it or not, this is the easy part of the whole equation. Most domain providers or security providers often include SSL as part of the package, and with initiatives like Let’s Encrypt, encryption is made free and available for everyone, albeit only 90 days at a time. The next part — making sure the certificate has been properly issued, installed and is valid — can get a bit more tricky. Although it seems like it should be at the forefront of every single browser, sometimes it can be difficult finding SSL certificate details on different desktop and mobile browsers.
However, if you know where to look, it’s as easy as a click of the mouse or swipe of the finger. Let’s walk you through how you can check your SSL settings so you can rest assured knowing your information is properly encrypted.
Step 1: Know what you’re looking for
With SSL certificates, there’s a lot of different pieces of information. Do you want to know how long your certificate is valid for? The issuing Certificate Authority? The algorithms utilized for the encryption process? Make sure you have all the questions before you go looking for the answers.
Step 2: Check your browser
Browsers are all different, and even with the same browser, the settings may differ on your desktop and on your mobile. For example, on Chrome desktop, certificate details can be viewed simply by click the padlock on the left of the URL bar.
To get more detailed information about the certificate, click “Valid” and this will take you to the actual certificate, with the SSL-issuing entity and the domain that it refers to. The valid period will also appear so that you can see exactly what’s going on with your SSL.
On Chrome mobile, it’s fairly similar, where you can click the padlock on the URL bar and get information on the corresponding site. However, information is a bit more limited as you can see just the name of the Certificate Authority (CA) and verification that it’s secure. However, pressing “Learn More” simply takes you to the Chrome support page with generic information.
Other browsers have similar but varied processes. The padlock may be on the right of the URL bar and not on the left (Internet Explorer), or it may be impossible to see the SSL certificate at all on mobile (Safari).
Step 3: Make it a part of your routine
If we know anything about the world of the Internet, it’s that things are always changing. Browsers will continue to change and evolve, as well as websites and CAs. And though we hope that’s not the case, there may be instances when a site has let its SSL certificate expire, meaning transactions may no longer be secure. To keep yourself from being entangled in a potential data breach, it’s best to regularly check sites you frequently visit, especially ones that hold your personal information.
While it may not be realistic to check every site’s SSL on every device, it’s a great way to start being more aware of which sites are — and are not — applying security best practices. But rather than leaving it in their hands to keep your information safe, you can start with being on guard when it comes to your identity and your data.
For more security tips and how-tos like this, follow our blog, and share with a friend!