What is GEO (Generative Engine Optimization)?

GEO stands for Generative Engine Optimization. It is the practice of optimizing your website to appear in AI-generated answers from ChatGPT, Perplexity, Google AI Overviews, and Claude. Foglift is the first tool to combine SEO and GEO analysis in one scan.

What does Foglift analyze?

Foglift scans websites across 5 categories: SEO (meta tags, headings, Open Graph), GEO (AI-crawler access, structured data, citation-readiness), Performance (Core Web Vitals, load time), Security (HTTP headers), and Accessibility (WCAG compliance, contrast, alt text).

How is Foglift different from Ahrefs or Semrush?

Ahrefs and Semrush focus only on traditional SEO. Foglift is the first tool to combine SEO + GEO (AI search optimization) analysis, checking if your site is ready for AI-generated answers. It starts free and costs 10x less than alternatives.

Does Foglift have an API?

Yes. Foglift offers a free public REST API at foglift.io/api/v1/scan that returns JSON results. Developers can use it from the terminal, CI/CD pipelines, or AI coding assistants like Claude Code and Cursor.

SSL Certificate Checker: How to Verify Your Site's Security in 2026

An SSL certificate is the foundation of web security. Without one — or with an expired, misconfigured, or weak one — your site loses rankings, users see scary browser warnings, and sensitive data is exposed. In this guide, you'll learn exactly what to check, why it matters, and how to fix common SSL issues.

Check your SSL certificate now: Use our free SSL/TLS Certificate Checker to instantly verify certificate validity, TLS version, cipher strength, and expiration.

Why SSL Matters for SEO

Google has used HTTPS as a ranking signal since 2014. But SSL's impact goes beyond a minor ranking boost:

Browser warnings: Chrome displays "Not Secure" for HTTP pages. An expired certificate triggers a full-page interstitial that blocks visitors entirely — destroying conversion rates.
Bounce rate: 85% of users leave immediately when they see a security warning. This sends negative engagement signals to Google.
Referral data: HTTPS-to-HTTP traffic loses referral headers. Without SSL, you lose attribution data in analytics.
HTTP/2 and HTTP/3: Modern protocols that dramatically improve performance require HTTPS. Without SSL, you're stuck on HTTP/1.1.
AI search: AI crawlers (GPTBot, ClaudeBot) prefer HTTPS sites. If your goal is to appear in AI-generated answers, SSL is table stakes.

What to Check in Your SSL Certificate

1. Certificate Validity

The most basic check: is your certificate currently valid? An expired certificate means browsers will actively block visitors. Check the "Valid From" and "Valid To" dates.

2. TLS Protocol Version

TLS 1.0 and 1.1 are deprecated and insecure. Your server should support TLS 1.2 at minimum, with TLS 1.3 preferred for better performance and security. TLS 1.3 reduces the handshake from two round-trips to one, making connections faster.

Protocol	Status	Recommendation
TLS 1.3	Current	Enable — fastest and most secure
TLS 1.2	Acceptable	Keep for compatibility, upgrade when possible
TLS 1.1	Deprecated	Disable immediately
TLS 1.0 / SSL 3.0	Insecure	Disable — known vulnerabilities (POODLE, BEAST)

3. Cipher Suite Strength

Cipher suites determine how encryption works. Weak ciphers like RC4, DES, and 3DES have known vulnerabilities. Modern servers should use AES-256-GCM or ChaCha20-Poly1305. Our SSL checker flags weak ciphers automatically.

4. Certificate Chain

A valid SSL certificate needs a complete chain of trust from your certificate through intermediate certificates to a root CA (Certificate Authority). A broken chain causes "untrusted certificate" errors even if the leaf certificate itself is valid.

5. Subject Alternative Names (SANs)

SANs list all the domain names a certificate covers. A certificate for example.com should also include www.example.com as a SAN. Wildcard certificates (*.example.com) cover all subdomains but not the bare domain.

6. Key Size

RSA keys should be 2048 bits or more (4096 recommended). ECC keys can be shorter (256-bit ECC ≈ 3072-bit RSA security). Keys under 2048 bits are considered weak and may not be accepted by modern browsers.

Common SSL Issues and How to Fix Them

Expired Certificate

Fix: Renew through your CA or hosting provider. If using Let's Encrypt, check that certbot auto-renewal is working (sudo certbot renew --dry-run). Set monitoring alerts to catch expiration 30 days early.

Mixed Content

Fix: Even with SSL, loading images, scripts, or stylesheets over HTTP triggers "mixed content" warnings. Find and update all http:// URLs to https:// or use protocol-relative URLs. Add the CSP header upgrade-insecure-requests.

Self-Signed Certificate

Fix: Self-signed certificates are not trusted by browsers and trigger security warnings. Use a free certificate from Let's Encrypt or your hosting provider's built-in SSL (Cloudflare, Vercel, Netlify all include free certificates).

Certificate Name Mismatch

Fix: Ensure your certificate's Common Name or SAN matches the exact domain visitors use. If users access www.example.com but the certificate only covers example.com, they'll see an error.

SSL and AI Search

SSL isn't just for traditional search engines. AI systems like ChatGPT, Perplexity, and Google's AI Overviews also prefer secure sites. If you're optimizing for Generative Engine Optimization (GEO), a valid SSL certificate is baseline infrastructure.

AI crawlers may skip sites with certificate errors entirely, meaning your content won't be indexed for AI-generated answers. Check your full SEO and GEO readiness with a free Foglift scan.

Best Free SSL Certificate Providers

Provider	Validity	Auto-Renew
Let's Encrypt	90 days	Yes (certbot)
Cloudflare	15 years	Yes (automatic)
Vercel	Auto-managed	Yes (automatic)
Netlify	Auto-managed	Yes (automatic)

Frequently Asked Questions

What is an SSL certificate?

An SSL certificate is a digital credential that enables encrypted HTTPS connections between a web server and a browser. It verifies the website's identity and protects data in transit. Modern certificates use TLS (Transport Layer Security), the successor to SSL.

Does SSL affect Google rankings?

Yes. Google has used HTTPS as a ranking signal since 2014. Sites without valid SSL certificates show 'Not Secure' warnings in Chrome, which increases bounce rates and indirectly hurts rankings.

How long do SSL certificates last?

Most commercial SSL certificates last 1 year, while Let's Encrypt certificates expire every 90 days (but auto-renew). Set up auto-renewal to avoid expiration.

What is the difference between TLS 1.2 and TLS 1.3?

TLS 1.3 is faster and more secure. It reduces the handshake from two round-trips to one, removes outdated cipher suites, and enables 0-RTT resumption.

What should I do if my SSL certificate expires?

Renew immediately through your certificate authority or hosting provider. Set calendar reminders or monitoring alerts 30 days before expiration.

Check Your SSL Certificate Now

Get an instant SSL grade, certificate details, and security recommendations — free.

Check SSL Certificate Free