How to choose a SSL provider

Discussion in 'Web Design and Development' started by davbeck, May 15, 2009.

  1. davbeck macrumors regular

    Joined:
    May 16, 2008
    Location:
    Reno, NV
    #1
    I need to get a SSL certificate for the first time and was wondering which company would be the best choice and what the differences were between services.
    For instance, why does GoDaddy offer certificates for as low as $30/year but Verisign starts at $400/year? Is it warranty? Is it compatibility with browsers?
     
  2. whatsgooddan macrumors member

    Joined:
    Apr 6, 2009
    Location:
    NY, USA
    #2
    Maybe it has to do with the website administrator and how valuable the owner feels the user data is.

    If you're making lots of money online, why not go for the $400 certificate?
     
  3. paperbag macrumors newbie

    Joined:
    May 15, 2009
    Location:
    Spokane
    #3
    where does ssl come into the picture at.

    i am learning web development on my own. And just now getting into PHP and MySQL, i do more research on topics then any thing, i have not seen a requirement for SSL.
    Would the need for SSL be in CGI. ?
    Or where is the need for at.
    Thank you.
     
  4. jpyc7 macrumors 6502

    Joined:
    Mar 8, 2009
    Location:
    Denver, CO
    #4
    secure socket layer

    SSL stands for secure socket layer. It encrypts information on the internet. You use it if you are dealing with sensitive information. So you might never need it.

    Websites for financial institutions and health organizations use SSL, but they pretty much are required. My company web email is also encrypted because we don't want proprietary information to be snooped.
     
  5. effenay macrumors newbie

    Joined:
    May 13, 2009
    #5
    SSL is not just about encryption. SSL certificates also provide the end-user with an assurance that you (the web site operator) really are who you say you are.

    In simple terms, the certificate issuing authority is vouching for you and your organizational and contact information presented in the certificate.

    The main differences in certificates are (1) the reputation of the issuing authority, and (2) the level of diligence the issuing authority will perform to issue the certificate.

    Regarding (1), anyone can generate a secure certificate. Just download OpenSSL and Google for instructions. But certificates are useless for public use unless they're issued by an source that is well known and trusted.

    To expand on (2), cheap certificates usually provide very basic validation; they just verify that you have administrative access to the domain (by emailing you at the domain, for example). Expensive certificates generally require a much higher level of verification by the issuing authority (they might actually call you, require you to submit organizational documentation, etc.) and therefore can offer a higher level of trust to the end-user.

    In real world use, most end users aren't educated enough to care about the level of diligence performed and the quality of the certificate; all they need is to see the little padlock icon and not receive error messages. But if your business can afford it, a premium certificate and the added level of trust it provides is a small price to pay to assure the small number of users who *can* tell the difference.
     
  6. oblomow macrumors 68020

    oblomow

    Joined:
    Apr 14, 2005
    Location:
    Netherlands
    #6
    If money is an issue, you can also consider using cacert.org. However the root certificate is not standard available in most browsers. And you have you do some work for it to get authorized. (web of trust, so you have to go around and show several people your id )
     
  7. davbeck thread starter macrumors regular

    Joined:
    May 16, 2008
    Location:
    Reno, NV
    #7
    Is godaddys $30/year plan going to be compatable with most browsers (anything with over 1% of the users)?
    I am willing to sacrifice assurance for price right now and upgrade to a better company after the website has made a little more money, but I don't want anyone getting a warning saying I'm not who I say I am.

    Also, am I correct in thinking that an SSL connection secures data coming to and from the server (rather than just one way or the other)?
     
  8. GoDaddyGuy macrumors newbie

    GoDaddyGuy

    Joined:
    Apr 15, 2009
    #8

    GoDaddy.com certificates have 99% browser ubiquity. There's more information on compatibility in the following help articles.
    http://help.godaddy.com/article/1139
    http://help.godaddy.com/article/1140

    Our SSL Certificates are based on the established industry standards — there is no technical difference between GoDaddy.com certificates and a certificate from any other major Certification Authority.

    An SSL certificate is a digital certificate that authenticates the identity of a Web site and encrypts information sent to the server. When an Internet user attempts to send confidential information to a Web server, the user’s browser accesses the server’s digital certificate and establishes a secure connection. Feel free to contact our 24/7 support staff at 480.505.8877 if you any other questions.
     

Share This Page