

Google SSL Search - jamesbkel
http://www.google.com/support/websearch/bin/answer.py?answer=173733&hl=en

======
wladimir
This was available for quite a while already, though in beta/labs. I'm not
sure what is new.

~~~
JonnieCache
Yeah, it doesn't seem any different to how its been in the past year. The
_beta_ sigil is still under the logo.

I wish theyd put the links to maps and images back in, maybe with some visual
warning that theyre not encrypted. I have SSL search as the default search in
chrome, and I hate having to manually jump back to normal google to do image
searches.

While we're here, don't forget SSL wikipedia!

<https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page>

~~~
mike-cardwell
If you're using the HTTPS-Everywhere Firefox addon (1), or the HTTPS-
Everywhere Squid redirector (2), you don't need to know/remember about the SSL
versions of Wikipedia or Google. You're just sent there by default.

1.) <https://www.eff.org/https-everywhere>

2.) <https://github.com/mikecardwell/perl-HTTPSEverywhere>

------
mahrain
Been using this for a year now, there's also a hack to use it in the Chrome
bar by entering a custom search engine. Very handy and works nice.

Only miss is that I can't immediately click through to image searches, they're
only available over unsecured HTTP.

~~~
lobster_johnson
Unfortunately, you lose autocompletion (other than history autocompletion)
when you use something other than the built-in Google search.

------
nodata
Good, but to make this truly useful we need a really simple way to specify
which country-specific google search engine we would like results from.

------
jamaicahest
DuckDuckGo has been using this for many months, when you use the !g bang

~~~
rlpb
Really? It doesn't seem to do it for me. Do you have some setting set
somewhere?

------
lini
Anyone that has the HTTPS everywhere extension (Firefox) is already using the
SSL search in Google. As others noted it has been in beta for quite a long
time and is missing some features like the image search or the doodles on the
homepage.

------
buster
Also, if you want to browse on SSL whereever possible:

[https://chrome.google.com/webstore/detail/flcpelgcagfhfoegek...](https://chrome.google.com/webstore/detail/flcpelgcagfhfoegekianiofphddckof)

Love this Extension!

------
RyanKearney
The only thing I dislike about this is it hides the refer, screwing up my
analytics. I'd have to completely convert all of my sites to HTTPS only to be
able to make use of the additional headers for analytical purposes. Not really
a big deal I guess, but kind of unnecessary to have to purchase wildcard certs
if you have many sub domains.

~~~
dspillett
The free certs from <http://www.startssl.com/> are apparently accepted by most
browsers these days (the exception being IE6/7 users on XP who have not
downloaded the optional CA cert updates):
<http://en.wikipedia.org/wiki/Startssl#StartSSL>

I've not used their cert for anything yet (I plan to test them on some
personal sites when I get chance, before using them elsewhere), and wildcard
certs are not free (but they do seem relatively cheap), but it might be worth
looking into for someone in your position.

~~~
thepsi
I've used them for a few personal sites and projects with no complaints.

The fee for wildcard certs (~60USD) is a one-off to verify your identity -
usually via a quick phone call to confirm details from your official
documents.

Once that's complete, you can generate as many certs as you need (incl.
wildcards and Subject Alternative Name) from their control panel, subject to
jumping through the usual hoops to prove that you have control of each domain.

~~~
RyanKearney
I do use StartSSL but the problem just comes from having multiple sub domains.
I get IPv4 addresses for $0.50/mo/each but I'd rather not setup each subdomain
on its own dedicated IP for the sakes of using free SSL certs.

~~~
dspillett
You don't need multiple IPv4 addresses to make use of a wild-card (or other
multi-name) certificate. A wildcard certificate will verify any matching
domain so you could have many sub-domains of the same domain (using a single
certificate for *.domain.tld) on one address and browsers would not complain.

Also you could run the distinct (sub)domains on different ports on the same
address, though this is perhaps less useful.

Also, with SNI you can use many single-name certificates on one address (and
all on the same port) using SNI. Unfortunately there are a number of
significant client combinations that won't play nice with this (most notably,
if you can't guess, IE on Windows XP):
<http://en.wikipedia.org/wiki/Server_Name_Indication#Support>

~~~
RyanKearney
I know that. I'm saying I don't want to have to pay for a wildcard certificate
since you can get free certs for individual domains. The alternative for me
purchasing a wildcard domain would be to get many different single domain
certs for free and assign each one to a different IP address.

