UPDATED INFORMATION – APRIL 22, 2015
I have discontinued use of an SSL certificate on my niche sites. I tested it for about 7 months.
The main reason I stopped using it was I had to give up far too much revenue because some advertiser networks did not display properly on the site.
I calculated any SEO benefit I enjoyed did NOT offset lost revenue.
I’ll keep the rest of this post as it appeared when first published, but it’s important you know that I am not longer using an SSL certificate.
– End of April 22, 2015 Update –
Rarely does Google come out and say “if you do this, it will help your site in the SERPs”.
Yet on August 6, 2014, Google did just that. Google announced that websites with an SSL certificate (HTTPS websites) will enjoy a ranking advantage.
While I’m not much of an off-site SEO keener these days (I prefer searching for long tail keywords and leave the link building to other people), I am still keenly aware of how lucrative free organic search traffic can be for any website.
That’s why when I read Google’s announcement about SSL certificates, I didn’t hesitate to buy one and get it installed on my website.
I figured what’s the worst that could happen? I waste $175.
At the end of the day installing an SSL certificate has been a blessing and a curse.
Did the SSL certificate improve my search engine rankings and increase organic traffic?
Short answer: Yes.
Yes, but not too much after the initial bump (it was a decent bump though).
However, it turned out that the SSL certificate has cost me far more than the revenue derived from additional organic search traffic.
Watch the Video (Or Read All About it Below)
1. Traffic Screenshot Before and After SSL Certificate Implementation
There’s definitely a decent bump of organic traffic after I installed the SSL certificate on my site.
That said, can I prove that increase in traffic was caused by the SSL certificate?
No, I can’t. My traffic was in trajectory at the time anyway. My site was fairly new (7 months old at the time), so bumps in traffic are not unexpected.
Nevertheless, I’m of the view the SSL certificate did improve rankings and consequently increase search traffic.
2. How the SSL Certificate Cost Me $1,000’s of Dollars (Every Month)
Sometimes I act before I think (or research). The SSL certificate installation is a very good example. Google says it’s good, I jump all over it without considering the consequences.
The main issue with having an SSL certificate is that many advertising networks do not provide SSL compliant ads. In other words, when I placed the ad code on my site with the SSL certificate, the site is not secure (which defeats the purpose of the SSL certficate).
Examples of advertisers I had to remove:
- GumGum: Lost $50 per day ($1,500 per month)
- VibrantMedia In-Text Ads: Lost $8 per day ($240 per month)
Amazon CPM Ads: Lost $5 to $8 per day ($150 per month).UPDATE DEC. 8/14: Amazon CPM Ads are now SSL Certificate compliant – see how I earn $100+ per day from Amazon CPM Ads here.
I’m also precluded from working with other advertisers.
Therefore, the lost revenue is sizeable. The worst part is the increase in organic search traffic doesn’t come close to making up for that lost revenue.
3. Why I’m Keeping the SSL Certificate (Despite Lost revenue)
Okay, I’m down $1,500+ per month with an SSL certificate. Why on earth do I still have it installed?
One reason and it’s a bet on the future. I think Google will increase the ranking benefit of SSL certificates over time. That’s my bet. I don’t like it, but that’s the way it is.
Obviously I could be wrong. Google could change their mind in 12 months and decide “actually SSL certificates are no longer a ranking factor.” OUCH!!
Also, I believe advertisers will get their ads SSL certificate compliant. I know GumGum is working on it. I’m amazed Amazon ads are not SSL certificate, but I suspect it’s only a matter of time (it’s a very recently launched ad platform).
You gotta risk it to get the biscuit! I’ve placed my bet on SSL certificates.
4. How to Choose the Right SSL Certificate
At the time I installed my SSL certificate, I was also migrating my site’s media storage to Amazon Cloudfront. Therefore, the consultant I hired to do that also had to deal with the SSL certificate at the same time.
The first step was ensuring I had the right type of SSL certificate. Amazon AWS CloudFront requires an SSL certificate with the following features:
- Certificates must follow the X.509 PEM format.
- The current date must be between the certificate’s start and end date.
- Public and private certificate files must contain only a single certificate.
- The private key must match the public key that is in the certificate.
- The private key must be an RSA private key in PEM format, where the PEM header is BEGIN RSA PRIVATE KEY and the footer is END RSA PRIVATE KEY.
- The private key cannot be encrypted with a password.
Fortunately, the certificate I purchased from DigiCert met those criteria. It also turns out GoDaddy’s standard SSL certificate meets those criteria. Before buying any SSL certificate, I’d double check with the provider.
5. How is the SSL Certificate Installed?
As long as you’re not doing any additional complicated work like migrating to Amazon CloudFront at the same time, getting an SSL certificate installed isn’t that difficult.
Basically, I was the intermediary between my web host (Synthesis) and Certificate provider (DigiCert). Synthesis told me what to get from Digicert. Digicert provided it to me and I forwarded it to Synthesis. Synthesis then installed the certificiate on my site.
I’m not sure all web hosts will install a certificate for you… I suggest you ask yours if they will.
But it wasn’t all smooth sailing once installed… I encountered unanticipated issues.
6. Installation Issues I Encountered
What you need to realize is that when you install an SSL certificate on your site, every element must be SSL compliant. If it’s not, your site will be unsecure, which defeats the purpose.
In other words, it needs to be sourced with an https instead of http. If whatever code you place on your site (widget, form, image, ad, etc.) does not function with an https version, it won’t be compliant.
- AWeber: No matter what I did, I couldn’t get AWeber forms to be secure.
- Advertisers: The Ad code from several advertisers were not SSL certificate compliant.
- Images: All image source URLs needed to be changed to https.
The trouble was detecting which elements and plugins were not compliant. I no sooner switched or removed an element and it still wasn’t secure.
1 Tip for Detecting Unsecure Elements on a Web Page
When on the web page, press CTRL/SHFT/J at the same time and it will reveal the unsecure elements on that web page. Unfortunately I didn’t discover this nifty tip until 2 days after messing around with my site.
I finally hired some more help
Eventually I got so tired of working on securing every element, I turned to WP Curve for help. They were magnificent. It took them about 1 week to get everything secure, but they did it and it only cost me $69. Instead of wasting hours of your time, I strongly suggest you hire WP Curve immediately and let them figure it all out.
After I installed the SSL certificate, images on my site couldn’t be pinned to Pinterest. That’s a HUGE problem. It turned out it was a simple setting regarding the SSL certificate and CloudFront on Amazon AWS.
I was able to resolve the issue. I published a brief tutorial on how I solved the Pinterest problem here.
7. Do I Think It’s Good Google Decided to Include SSL Certificates as a Ranking Factor?
I don’t know. It adds to the cost of publishing websites and it’s another barrier to entry for thin sites, which I guess isn’t all bad.
However, it’s a lot to ask of many website publishers. It’s not an easy job and it costs money.
Several people who are really into website performance that I talked to are very much in favor of websites having SSL certificates. I’m not all that technical, so I will take their word for it that it’s a good development.
At the end of the day, I only did it to see if having an SSL certificate would improve my organic search traffic/rankings.
8. Would I Install an SSL Certificate Again?
Yes I would.
Despite the 2 weeks of frustration, the $175 cost of the certificate and the loss of $1,500+ per month in revenue, I would do it again.
I’ve placed my bet that an SSL certificate will grow in importance.
Pretty much all other sites in my niche don’t have SSL certificates, so I’ll take any ranking advantage that I can get.
While it’s costing me dearly now, I suspect it will pay off in the long run.
Moreover, I’m also betting that those advertisers that I can’t work with now will come up with SSL compliant ads. After all Adsense ads and Media.net ads are SSL certificate compliant, so there’s no reasons other advertisers can’t do the same. I think it’s only a matter of time.