Hypertext Transfer Protocol (HTTP) is a set of rules browsers use to determine how to read and transfer data over the web. When a URL includes “http,” the browser knows to follow this protocol to successfully load a web page.
HTTPS is the same as HTTP except HTTPS tells a browser to encrypt the data exchanged with a web page. Encryption disguises data and lessens the chance that your information is viewed or manipulated. This is important when a website includes sensitive data like your personal details or financial information.
Set up HTTPS
To use HTTPS with your domain name, you need a SSL or TLS certificate installed on your website. Your web host (Web Hosting Provider) may offer HTTPS security or you can request a SSL/TLS certificate from Certificate Authorities and install it yourself. SSL/TLS certificates may need to be renewed periodically.
There are different types of web servers, and each has its own process for installing and updating SSL/TLS certificates. You will need to find out which web server your website is using and follow its instructions for installing and updating your certificate.
Many 3rd party web hosts also issue, install, and renew SSL/TLS certificates. You can use any web host in combination with Google Domains, including Bluehost, Shopify, Squarespace, Weebly, and Wix.
Learn how to connect to a web host and set up HTTPS.
If your web host doesn’t offer HTTPS security, you can obtain an SSL/TLS certificate for your domain from a Certificate Authority (CA). Google has its own CA, Google Trust Services. For Google Domains customers, you can obtain a certificate from Google Trust Services by following the instructions on the "Security page" of your domain.
Another popular CA that provides certificates in the interest of creating a safer Internet is Let’s Encrypt.
After you obtain a certificate, you must work with your web host to install the certificate. If you host your site on your own servers, learn how to enable HTTPS. If you use the Automatic Certificate Management Environment (ACME) protocol to manage your certificates, you can follow the steps below to manage certificates with ACME and DNS.
To obtain a certificate from Google Trust Services:
Sign in to Google Domains.
Select the domain that you want a certificate for.
At the top left, tap Menu Security.
Under section “SSL/TLS Certificates for your domain,” expand “Google Trust Services.”
Click Get EAB Key.
A dialog opens with 2 values, “EAB Key ID” and “EAB HMAC Key."
Copy both of these values by tapping the Copy buttons next to each of them.
Use these 2 values to register an account with the Google Trust Services CA. Each ACME client implementation differs slightly on how you specify this EAB. Refer to the documentation for the ACME client that you’d like to use.
Here's an exampleof configuration with the popular Certbot ACME client.
Automatic Certificate Management Environment(ACME) is a common protocol used to automate the management certificates between a Certificate Authority (CA) and server. With automation, many users can reduce the chances of outages due to failure to renew their HTTPS certificates.
To prove that you have control of a domain name, the ACME protocol uses challenges. Google Domains supports the DNS-01 challenge type with its DNS servers through the use of API Tokens.
To create an API Token:
Sign in to Google Domains.
Select the domain that you want to use.
At the top left, tap Menu Security.
Under thesection “ACME DNSAPI,” tap Create token.
IMPORTANT: This value is only shown once. After the dialog is closed, you won’t be able to find this API Token again. Keep this token in a safe place since anyone that has it gains the ability to modify some DNS records for your Domain.
A dialog opens with an “API Token.”
You need this API Token to enter into your ACME client.
To copy this value, tap the Copy button next to the API Token.
If you didn’t save this value before closing the dialog, you can easily delete and create a new API Token.
A limit of 10 API Tokens per domain can exist at a time.
When the dialog closes, a record will appear in the list. To revoke its access, you can delete this token at any time.
The API Token can be used in an ACME client that supports the Google Domains ACME DNS API. Each ACME implementation differs slightly on how you specify this API Token. Refer to the documentation for the ACME client that you’d like to use.
HTTPS helps prevent Man in the Middle (MitM) attacks, but if someone can impersonate your SSL/TLS certificate, those attacks are still possible. To prevent this, you should review certificates issued for your website that you don’t recognize. You can also restrict who can issue certificates for your domain with Certification Authority Authorization (CAA) resource records.
View certificates issued for your domain
To review certificates issued for your domain, you can search on censys.io.
Add CAA resource records to your domain
CAA resource records give you the ability to control who can issue SSL/TLS certificates for your website. Learn more about CAA resource records.
Related resources
Manage resource records
Need more help?
Try these next steps:
Contact us Tell us more and we’ll help you get there
To use HTTPS with your domain name, you need a SSL or TLS certificate installed on your website. Your web host (Web Hosting Provider) may offer HTTPS security or you can request a SSL/TLS certificate from Certificate Authorities and install it yourself.
When your site uses HTTPS, it lets your customers know that you're a legitimate business that takes their business and their security seriously. At the same time, by forcing HTTPS on your domain, you could have better rankings on Google, and your website will operate better.
For example, in the URL 'https://cloudflare.com/learning/', 'cloudflare.com' is the domain name, while 'https' is the protocol and '/learning/' is the path to a specific page on the website.
To get a free SSL certificate, domain owners need to sign up for Cloudflare and select an SSL option in their SSL settings. This article has further instructions on setting up SSL with Cloudflare.
Select Settings from the Menu button. In the General panel, scroll to Network Settings and click ”Setting”In the dialog box that opens, go down to Enable DNS over HTTPS.
If your site uses HTTP instead of HTTPS, an attacker could do things like: appear to change your website's content – giving customers false information. steal information customers submit to your website, including login details, personal information or financial details.
Search engines like Google recommend that all websites use HTTPS because it's secure, and sites with SSL certificates are rewarded with a boost in search rankings. Web browsers also alert users if a website isn't safe and uses HTTP.
Address: 2033 Gerhold Pine, Port Jocelyn, VA 12101-5654
Phone: +8524399971620
Job: Central Manufacturing Supervisor
Hobby: Jogging, Metalworking, Tai chi, Shopping, Puzzles, Rock climbing, Crocheting
Introduction: My name is Edmund Hettinger DC, I am a adventurous, colorful, gifted, determined, precious, open, colorful person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.
Security.