‘SSL certificates’ authenticate a website’s identity and show that data transfer is secure and encrypted. In the past, it was not unreasonable for a website to provide these just on important transaction pages, such as login or payment details. Now ‘https’ really needs to be the default across every site.
I assume long-time readers moved their websites across some time ago, but it should be a priority action if you have any web properties remaining as just ‘http’. Many web browsers clearly show visitors if a site is not secure, and it doesn’t encourage trust. It’s pretty well documented that SSL-certificated pages have an advantage in SEO. The technology helps to meet regulatory standards to protect personally identifiable information. And we’re even starting to see features in browsers which will only function properly with secure sites.
Unfortunately, these certificates have to be renewed every 13 months. This is because they handle website authentication as well as encryption, and a domain can’t just be trusted to be the same thing forever. Websites are bought and sold. The only way to keep things up-to-date is to ensure they’re reconfirmed as frequently as is practicable.
While renewal of a certificate is normally a trivial procedure at most web hosts, it’s not necessarily automatic. Failure to renew has taken down some of the biggest websites in the past. So it’s important to be on top of where your SSL certificate is managed, and if you need to take any manual actions for it to happen. Who’s responsible for that with your website?