Facebook apps to go SSL

Some days ago, Facebook announced that from October 2011 onward everyone interested into developing a Facebook App will require an SSL certificate in order to allow the application running.

I’ve been never involved with the development of a Facebook App, and I certainly don’t want to start now. However, as I’ve been involved into some SEO recommendation for a Facebook App quite recently, such a news is good to know as it may be useful at a certain point.

The decision has of course an economic impact that cannot be ignored, especially if you deploy non-sense app just to show a splash screen or you’re a hobbyist. And that is going to happen even if you have used the personalized tab.

Working for a more secure web place

Encouraging the SSL adoption is not something completely new for Facebook; earlier in January this year Facebook while in a Security Day announced the possibility for their users to move their navigation experience entirely through an SSL connection (HTTPS).

Facebook connection pop-up

This of course increases the level of security, as all the information sent back and forth the Facebook servers are encrypted, but at the same time may let the user experience delay while loading pages and app.

In addition, and that is the point, as not all the applications are running on a server equipped with the SSL certificate, this mean that users are going to be redirected on a standard HTTP connection while they attempt the connection to one of those unsecured app.

So far, an informative page is appearing to inform user about the connection switch. Apart from the nuisance of clicking on the “continue” button, anything is happening now. However, October is the deadline and from then onward your app won’t work anymore unless you buy your certificate.

Of course commentary didn’t start to pop up, and a lot of people claimed they will delete their Facebook app.

Is Facebook undermining their social supremacy?

To be honest with you, Facebook already host many ~~crap~~ useless applications that the disappearance of some of them will be not leaving my heart empty. And this natural evolution I belie is something that is somehow necessary regardless my feeling. So, if you are a developer, well get your sleves rolled up and start adopting the new SSL Certifcate standard now before you will be imposed to do so.

And you, what do you think about their decision?

 3 Comments

 Started by Felipe Spina  13 July 2011

So, how i get a SSL domain?
I've tried several times and nothing so far.
Could you please help to put my app live and works with ssl?
Cheers

Reply

 Started by J2897  05 September 2011

If it has to be signed by a CA, then it's not about security. It's about money.

Reply

 Leave a Comment