Google is working on a way to display better AMP URLs. This improvement relies on an emerging web packaging technology: Signed HTTP Exchange. The process works like this:
For more information about what Google is doing, see Signed HTTP Exchanges.
As part of the Signed HTTP Exchange technology specifications, the TLS certificate used to sign the exchange requires a special extension, CanSignHttpExchanges, and an Elliptic Curve Cryptography (ECC) keypair. DigiCert is happy to be among the very first CAs to support this extension in an ECC TLS certificate as we seek to encourage innovative technologies and the advancement of web protocols.
You'll need two certificates for the server: one for TLS connections and one for signing the HTTP exchanges.
To get your TLS certificate with the CanSignHttpExchanges extension included so you can start testing out this AMP URL improvement, you'll need a CertCentral account with the HTTP Signed Exchange feature enabled. For more details, see Get your Signed HTTP Exchange certificate.
Already have a DigiCert account? Don't worry, our experts can help you manage your account. Reach out to your account representative or contact our Support team.
© 2024 DigiCert, Inc and its affiliates. All rights reserved. DigiCert and its logo are registered trademarks of DigiCert, Inc. The content, images, graphics, and other materials on this website are protected by copyright and may not be reproduced, distributed, modified, or reposted without the express written permission of DigiCert, Inc. All other trademarks, service marks, and logos used in this website are the property of their respective owners. Any unauthorized use of these materials may violate copyright, trademark, or other laws.