A Broken SSL Certificate Will Hurt Your SEO
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

A Broken SSL Certificate Will Hurt Your SEO

According to Google’s Gary Illyes, you shouldn’t ignore the HTTPS ranking signal, either.

Back in 2014, Google announced that HTTPS would become a ranking signal. In the five years since that announcement, the consensus seems to be that this signal has become less and less of an actual factor to the point that now it’s just a marketing claim.

Turns out that’s wrong.

According to Google’s Gary Illyes, a Webmaster Trends Analyst, the HTTPS ranking signal, “affects enough queries measurably that I wouldn’t ignore it.”

And it turns out that having a broken or expired SSL/TLS certificate can hurt your SEO, too.

So, today we’re going to discuss what Gary Illyes was talking about, what specifically matters with the HTTPS ranking signal, and why your SSL certificate needs to be trusted and valid for more reasons than just security.

Let’s hash it out.

SEO and the HTTPS Ranking Signal

Search Engine Optimization is a critical component of internet marketing. And when you’re talking about SEO, you’re really talking about ranking on Google. Google’s ubiquity in the Western World makes it the only search engine that’s really worth targeting. And most companies feel if they do it well for Google, it should do fine with the other search engines, too.

Unfortunately, Google is rather opaque about what exactly its ranking algorithms are factoring. That’s why the 2014 announcement about the HTTPS ranking signal was so remarkable.

But over the years, as more and more sites have started to adopt HTTPS most people figured the power of that particular signal was declining. I’ve read a couple of security researchers’ blogs that have called the claim a marketing ploy.

Not the case. Nowadays it’s a tiebreaker. And apparently it still factors in pretty heavily. Yesterday on Twitter Google’s Illyes responded to a question about the HTTPS ranking signal and how often it comes up as a tiebreaker.

But that’s just HTTPS, your SSL certificate – or more specifically its validity – also matters.

Your SSL/TLS Certificate Should Be Valid and Trusted, Too

So that we don’t get accused of misleading anyone, the validity of the SSL certificate doesn’t directly affect the HTTPS ranking:

…the ranking signal itself would be unaffected: you have https in the result, you get the (tiebreaker) boost


A broken cert will affect other things, though.

This is a new wrinkle. I’m not sure I’ve ever seen this confirmed anywhere else before, but it makes perfect sense. Google (and the other search engines, even you, Bing) wants to provide its users with the best possible result. Having a broken SSL certificate endangers the user. That’s why the browsers issue certificate errors that advise their users to turn back.

Historically, the pain associated with a broken certificate came in the form of downtime, lost productivity, lost sales, the social impact it has on your brand. Add your company’s SEO rankings to the list of costs.

How Improving Your Cyber Security Posture Benefits Your Bottom Line

Being proactive about your cybersecurity posture now, may end up saving you a bunch of money later. Don’t find out the hard way.

Read more

As Barry Schawrtz, the Executive Editor of Search Engine Roundtable put it:

So there you have it – make sure you have HTTPS and make sure it is valid and working properly for ranking, not just for your user.

As always, feel free to leave any comments or questions below…

Hashed Out by The SSL Store is the voice of record in the SSL/TLS industry.


Patrick Nohe

Patrick started his career as a beat reporter and columnist for the Miami Herald before moving into the cybersecurity industry a few years ago. Patrick covers encryption, hashing, browser UI/UX and general cyber security in a way that’s relatable for everyone.