More information about the Underscore mailing list

[_] SSL hell

Robin Layfield robin at
Mon Apr 23 11:40:42 BST 2018

From: Paddy <paddy at>
Reply: underscore at <underscore at>
Date: 23 April 2018 at 11:22:27
To: underscore at <underscore at>
Subject:  [_] SSL hell  

The implications re forthcoming google changes re https: are starting to sink in...
Will there just be an address-bar warning on all pages with a <form> on, or will the “not secure” page appear, even on forms that don’t contain secure info?
The sites in question don’t earn enough to cover the cost of an SSL cert but it would be a shame to have to close them all down. 
This year I’m feeling increasingly pushed out of the web:-(

Thanks all

underscore_ list info/archive ->

Hi Paddy,

if you have control of your server - or - if it is on shared hosting with a relatively recent build of CPANEL, you can use (or install) LetsEncrypt which will manage certificate retrieval and installation for your sites at no cost. It renews the certificates every 90 days. 

NOTE: Some browsers (I think older versions of IE) don't like certificates that aren't attached to a dedicated IP address but in my experience this has not been that commonplace. I'm sure someone else on the group has more specific knowledge about this.

In these times, it's probably pragmatic to go ahead and fully encrypt everyone's sites anyway.

(Also I think Google search penalises sites that aren't secure)

                 Robin Layfield
(mobile) 07807 144386 
(twitter) @robinlayfield 
this email has been ultrasimplified.