Google is now sending out warning letters to webmasters when they have an issue with the secure certificate on their site.
Here is what the warning looks like:
The new warning letter has [ WNC-60700 ] for an issue number.
This seems to be one of multiple types of warning letters for SSL issues, although we don’t know what other issues are triggering letters yet. This warning was specifically for the domain name not being included in the certificate.
@jenstar Yep, but @Missiz_Z is in better position to answer your questions about those messages 🙂
— Gary Illyes (@methode) November 11, 2015
@jenstar @methode what do you mean exactly? Your question is too broad 🙂 We are now letting users know about issues with their TLS certs
— Zineb Ait (@Missiz_Z) November 11, 2015
I will update when I have more clarification on other SSL issues, but no one seems to have reported publicly receiving any yet. [Update below]
I do wonder if they will begin sending warning letters when there are non-secure elements on a page, as Google Chrome recently added a feature that would alert users when a supposed secure site is still displaying unsecure elements. This is often in the form of third-party tools, images and buttons, but it does make a site not truly secure when it happens.
Casey Markee was the first to report on the new warning letter.
This is new. Google now sending SSL Certificate "Mismatch" Console Warnings. cc: @seosmarty @rustybrick @jenstar pic.twitter.com/dYLXqqv39s
— Casey Markee (@MediaWyse) November 10, 2015
It is unclear if these sites lose their HTTPS ranking boost as a result of the issues or not. But since the boost is really more of a tie breaker, it shouldn’t cause ranking issues for any site strictly for losing the boost.
There have been issues with some people not setting up their secure certificates correctly so hopefully these new warnings will bring to light any issues webmasters might have, especially has the HTTPS ranking boost let to many webmasters implementing secure certificates for the first time.
Update:
We have some more information on some of the other SSL related warnings. They include expired certificates, wrong date, invalid and incorrect settings.
@jenstar @methode A few examples are: expired, wrong date, invalid, incorrect settings…
— Zineb Ait (@Missiz_Z) November 11, 2015
Jennifer Slegg
Latest posts by Jennifer Slegg (see all)
- 2022 Update for Google Quality Rater Guidelines – Big YMYL Updates - August 1, 2022
- Google Quality Rater Guidelines: The Low Quality 2021 Update - October 19, 2021
- Rethinking Affiliate Sites With Google’s Product Review Update - April 23, 2021
- New Google Quality Rater Guidelines, Update Adds Emphasis on Needs Met - October 16, 2020
- Google Updates Experiment Statistics for Quality Raters - October 6, 2020
Casey Markee says
For clarification purposes, the other examples that @Missiz_Z references above can all be traced to the “Common pitfalls in using HTTPS/TLS” box located on the “Secure your Site with HTTPS” best practices page with Google here:
https://support.google.com/webmasters/answer/6073543?hl=en
As already pointed out by Glenn Gabe, it’s my belief as well that this console warning is just the FIRST of many new SSL/TLS warning messages all of which would line up with the ten pitfalls represented on the above page.
I would make it a point to add the above triggers into any SSL auditing you already do at your end for your clients now and in the future.
I know I will.