The End of Paid SSL is Finally Here. Hooray!

Last updated on

When Google announced in 2018, that they were factoring HTTPS into their search rankings, I predicted that no one would need to purchase SSL certificates anymore. The announcement forced large hosting companies like Hostgator and Bluehost to announce free SSL on their shared hosting plans via Let’s Encrypt – something that was previously available only on a few other providers like SiteGround, NameHero etc. Others like GoDaddy stubbornly offer only paid SSL to this day.

The announcement was actually a temporary bump in the business of SSL sellers, because producers of EV certificates could now claim the backing of Google itself – to charge customers tons of money for HTTPS security that they could previously get for free. The additional benefit, they said, was that you could get the “green URL bar” as shown here:

Old EV SSL Label on Chrome
This is what it USED to look like

This was in 2018. You can see above, that PayPal has a special appearance for its name in the address bar. It’s more prominent. However, when I visit the same website today on my Chromium based Edge browser, this is what it looks like:

Paid SSL No Longer Looks Anything Special
This is what it looks like NOW

It’s vanished entirely! Google has been steadily replacing the previous UI with a new one that removes the prominent security display and relegates the certificate type to the “Page Info” section. You can see that it’s well hidden away as shown here:

SSL Information is now hidden away in the information box
SSL information is now not easily visible in the address bar

So now there’s even less value in paying for SSL.

Cheapest Hosting with Free SSL – Hostgator

Overall, Hostgator has the least “gimmicky” web hosting. Here’s the complete  Hostgator coupon 2020 list for next year as well as this one. This is the cheapest plan you can get with free SSL:

But why is Google doing this? Why is it further devaluing EV and other expensive high-end certificates?

Because No-One Pays Attention

Evidence upon evidence has been piling up that users don’t really care about the website’s “green bar”. It doesn’t help with avoiding risky behavior and as such, only takes up additional space in a browser’s window that can better be used for other things.

Instead, moving forward, Google is going to place more emphasis on warning users about insecure sites, as opposed to trying to give them a false sense of security about a site’s trustworthiness. Hence when you visit an unsecured site – one that uses HTTP instead of HTTPS – you’ll see a warning with a red cross in the address bar, to let you know that your information is not encrypted and is vulnerable to man-in-the-middle attacks.

“Insurance” on Paid SSL Certificates is Bogus

SSL vendors will try and tell you that their certificates provide you with insurance against fraud. Basically, if someone gets duped because their cert wasn’t good enough or whatever, they’ll pay out a certain sum. But in all my years of hosting, I have never once heard of a certification authority ever paying out a claim. Come to think of it, I haven’t heard of any claims being made either!

It’s just a marketing gimmick. The encryption used by free certificate tools like Let’s Encrypt are every bit as powerful as anything a commercial SSL vendor can provide. The strength of the encryption likes in the hashing functions, and anyone can do that – you don’t need specialized hardware, or anything.

Bottom Line

The new direction Google and other browsers like Firefox are taking, will reduce the value of paid SSL certificates for web hosting customers. Now more than ever, free SSL via Let’s Encrypt is the way to go. So if you’re purchasing web hosting, and your hosting provider doesn’t give you free SSL, turn around and walk away in the opposite direction. You’re going to need SSL one way or the other, so find a host that provides it for free. Any one of the major web hosts will give it to you for free – other than GoDaddy, of course.

About Bhagwad Park

I've been writing about web hosting and WordPress tutorials since 2008. I also create tutorials on Linux server administration, and have a ton of experience with web hosting products. Contact me via e-mail!

Speak Your Mind

*