A secure SSL podcast website is like a normal website with the inclusion of a secure connection between your server and each client application. Traditionally, secure sites were reserved for highly sensitive services such as commerce or medical information. In recent years, it has become evident that secure websites provide a safer environment for web browsing in general. This desire to secure the entire web has now reached blogger and podcaster websites. Do not fear the secure podcast website, as secure websites provide benefits when implemented properly.
Secure SSL podcast website benefits
There are many benefits to having a secure SSL (https://) podcast website. The biggest benefits are with SEO and page/site loading performance.
Search Engine Optimization
To improve online safety, Google’s search engine indexes secure (https://) websites, which now get a boost in search. For example, if your page was ranked the same as a non-secure page, your secure page will be listed first. For those wishing to maintain their search positions, it is now necessary to implement secure websites.
HTTP/2 protocol and website performance
To maximize your podcast website’s performance, a web host that supports HTTP/2 will provide unparalleled accelerated webpage loading. Based on the SPDY protocol originally developed by Google, HTTP/2 is the newest version of the HTTP protocol since the release of HTTP/1.1 in 1997. The new protocol is supported by all popular web browsers including Chrome, Firefox, Opera, Internet Explorer 11, Edge and Safari. Though the standard does not require use of a secure site, browsers such as Firefox, Chrome, Safari, Opera, IE, and Edge will only work with secure websites using TSL encryption.
Secure SSL website recommendations
We recommend the following when setting up a secure website.
- Use SSL certificates issued by trusted certificate authorities.
- Use a web hosting service that supports HTTP/2 if possible.
- Support TSL 1, TSL 1.1, and TSL 1.2 secure protocols. As of this writing these protocols are quite secure.
Note: TSL 1 and 1.1 is required for some podcast services such as Stitcher. Make sure your SSL settings include all 3 TSL versions for 100% compliance with all services.
- DO NOT support SSLv1, SSLv2, or SSLv3 secure protocols. These protocols have known vulnerabilities and should be avoided when at all possible.
- If you have many sub-domains (e.g. abc.example.com and xyz.example.com), the use of a wildcard SSL certificate might be ideal.
Testing your Secure Website
There are many tools available to test your https:// website.
SSL Server Test – Performs a deep analysis of the configuration of your SSL web server. Includes a letter grade and a full list of browser and platform simulations.
SSL Checker – Verify your SSL certificate installation and diagnose problems.
SSL Installation Diagnostics Tool – Verify your SSL certificate installation and check for common vulnerabilities.
SSL Certificates Supported by Apple Podcasts
Most SSL certificates are accepted by Apple Podcasts (previously known as iTunes). Here is a specific list of top level SSL certificates, also referred to as “certificate authorities” or “root” certificates. If your certificate uses one of these top level certificates you should not have any issues.
- Godaddy (includes Starfield)
- Symantec (includes Thawte, GeoTrust and RapidSSL)
Older Symantec, Thawte, GeoTrust, RapidSSL, WoSign, and StartCom certificates are currently not recommended. Companies including Google have untrusted these certificates, Learn more.
Visit Apple Podcast documentation on HTTPS support for the most up to date list of accepted root certificates.
SSL Certificates NOT supported by Apple Podcasts
The following SSL certificates are not supported by Apple at this time and should be avoided for podcast websites.
Common SSL Issues with Apple Podcasts
It is common when a web service uses an SSL certificate and does not include the complete certificate chain. The certificate chain provides a complete map for the application that requests it to see what root certificate the certificate in question is derived from. For example, a DigiCert certificate should include a chain that includes the root Symantec certificate for Apple podcasts to match with its accepted list of root certificates..
Blubrry WordPress Hosting and SSL
Blubrry’s PowerPress Sites, a managed WordPress solution for podcasting, includes SSL and HTTP/2 support.