A big revenue generator is quickly declining.
Google’s campaign in recent years to push websites to use an SSL certificate has been a boon to everyone in the SSL marketplace, including certificate issuers and hosting companies.
But what Google giveth, Google can taketh away. And this is wreaking havoc on the business of selling SSL certificates.
Google is continually downgrading positive indicators of SSL certificates in Google Chrome. Other browser makers are, too.
Of course, Google also backs Let’s Encrypt, which lets the technically-minded get free SSL certificates.
It seems that companies profiting from SSL certificates have found two ways to stretch out this cash cow in the face of downgraded browser benefits and free SSL providers.
As far as the browser benefits are concerned, SSL sellers have promoted Extended Validation (EV) Certificates. These are the ones that show the company name in the address bar next to the URL.
Or rather, did show the company name. Even that’s coming to an end. Troy Hunt explains why EV is dead thanks to their own downgrades by browser makers.
On the hosting side, some companies force users to use their own SSL rather than a free certificate. For example, GoDaddy’s Managed WordPress only works with GoDaddy certificates. And they are pricey.
The GoDaddy managed WordPress starter plan is $9.99 per month. SSL is $79.99 per year, so $6.66 per month. This makes the cheapest WordPress package 66% more expensive than it appears.
To show how silly this is, consider that GoDaddy’s Website Builder plans all come with an SSL certificate and the cheapest plan is $5.99 per month. So you can get a website builder with SSL for less than GoDaddy charges for an SSL certificate. Only you can’t apply this SSL certificate to your WordPress site.
SSL is still a cash cow for many companies. But it’s dwindling.