SSL certificates are small data files that bind a cryptographic key to an organization’s details. Websites with an ‘https protocol’ mean that they have the SSL padlock installed on the web server, allowing secure connections from the web server to the browser. This allows for secure credit card transactions, logins, data transfers and secure browsing of social media sites.
That means that any website with “https://” in the browser supports a secure connection.
Finally, SSL certificates bind together a domain name, server name or host name.
SSL for my WebDirect website
Since July 2018, Google Chrome marks websites without the SSL certificate (beginning with ‘https://’) as ‘not secure’.
To make sure guests can trust your website, we’ve made sure that it’s SSL-certified.
What are the main advantages of having an SSL certificate?
Ranking boost: Google’s latest algorithm update will include ‘https’ in its ranking calculation, meaning that websites with an SSL certificate will benefit from an organic search engine ranking results advantage.
Brand value: SSL-certified websites provide a sense of security and trust amongst visitors. Having an SSL certificate on your WebDirect website will therefore have a positive influence on your property’s brand and strengthen your position amongst potential guests.
Secure payments and info: One of the requirements for any website that uses credit card transactions is being SSL-certified, in compliance with the Payment Card Industry (PCI) standards. Additionally, with an SSL certificate, all information transferred is encrypted so that no third parties can intercept or read it.
Authentication: In general, all businesses that want to obtain an SSL certificate must undergo a thorough process of verification and authentication. Therefore, it’s now easier to identify malicious websites by their lack of an HTTPS connection – making online phishing more difficult.
Do I need to do anything myself?
Now that your WebDirect has been SSL-certified, please follow these steps to ensure the correct identification of your secure website status:
Check for unsafe scripts
Check if your embedded codes or widgets are still visible on your website. If the content from this third-party code or widget is not SSL-certified by its provider it will not be visible on WebDirect. Moreover, the presence of non-certified widgets implies that the website will be flagged as not fully secure in users’ browsers (i.e. in Google Chrome you’ll see ‘Your connection to this site is not fully secure’).
2. Review your Google Search Console
If you are using Google Search Console you should add the ‘https’ version of your website to your Google Search Console account. Find more information in this article.
3. Update your Google ads
Since the switch from ‘http’ to ‘https’ is automatically managed by BookingSuite, everything should work without any problem. However, to improve page load performance we recommend you to update all of your links from ‘http’ to ‘https’ for all your Google ads. For further details please review your ad provider’s guidelines.
4. Check your DNS records
If you’re managing your own domain, make sure your records are up to date. The IPv6 should be deactivated and if there is an AAAA record, remember to remove it. Instead, use a CNAME record that points to suite-sites.booking.com and an A record that points to184.108.40.206
What should I do if my certificate has expired?
Sometimes, after a DNS change, or when adding a new domain to the ‘Domains’ section in BackOffice, the SSL certificate shows as ‘Expired.’
You can initiate a new SSL certificate manually by setting a domain as primary. To set a domain as primary click on the three dots on the right of the domain and choose ‘Set as primary.’ Don't forget to hit ‘Save’ and ‘Publish’. The new SSL certificate will be issued within a few minutes.