Just wondering who is the cheapest in selling these.

GeoTrust is selling cert at price as low as $99
check this URL http://www.geotrust.com/building_trust/

http://www.ssl4less.com

$79

http://www.freessl.com/

First year is free, then you have to either quit using it or upgrade to quick SSL.

Note: They're doing this in three month periods, so every 3 months you have to renew your cert. You still get it for free for 12, though.

Originally posted by Revelation
http://www.freessl.com/

First year is free, then you have to either quit using it or upgrade to quick SSL.

Note: They're doing this in three month periods, so every 3 months you have to renew your cert. You still get it for free for 12, though.

True, I got one of these. However note that the certificate is only valid with IE5 and higher.

Originally posted by Myacen
Just wondering who is the cheapest in selling these.

Uh, another question. Some signers charge much more for wildcard certificates. Now who is the cheapest in selling those?

Another thing to remember when you buy a cert is compatibility. We all know the certs are going to about the same security wise since most of the security features are local but if only 70 or 80% of your users can see them without getting a warning, your loosing business. It may only be a few orders but thats a few orders you lost to save what... $20?

The $79 certs from http://www.ssl4less.com/ are the eBusinessID certs that GeoTrust sells for $175; they're accepted by 98-99% of browsers. It's an excellent value. :)

Regarding wildcard certs. Thawte used to sell them for around $500-600, but since being bought by Verisign they've changed the pricing structure. I don't know exactly what it is, but I'm sure the cost is much higher if you intend to use it for a lot of subdomains...

I like Thawte. It's a bit higher priced at $125 per year, but they're accepted by virtually all browsers without warning.

Originally posted by bombino
I like Thawte. It's a bit higher priced at $125 per year, but they're accepted by virtually all browsers without warning. The eBusinessID certs from SSL4Less are signed by an Equifax Secure CA (Equifax Secure was bought by GeoTrust...) that is signed by the Thawte Server CA. So the eBusinessID certs are accepted in just as many browsers as the SSL certs from Thawte, and they're available for a lower price...

Originally posted by Rehan

Regarding wildcard certs. Thawte used to sell them for around $500-600, but since being bought by Verisign they've changed the pricing structure. I don't know exactly what it is, but I'm sure the cost is much higher if you intend to use it for a lot of subdomains...

Thawte sells them higher if I use it on more subdomains :(. GeoTrust sells them with flat price at $500 a year, still a bit expensive. Anybody know wildcard cert issuer with cheaper price?
Technically, I know that creating wildcard certs is not any harder than creating single domain certs. So I don't see the point raising the price for wildcard certs other than generating more revenue :(

you are probably right that they are raising price just because they can.

On the other hand, secure certs are the selling of trust, so if you issue a wild card cert, you are giving out a lot of trust.

Consider this, the CA sell the cert to you after verifying that you are legitimate, but can others trust you, as the one who has the wild card cert, to issue responsibly to your subdomains?

Peter

Originally posted by Rehan
The $79 certs from http://www.ssl4less.com/ are the eBusinessID certs that GeoTrust sells for $175; they're accepted by 98-99% of browsers. It's an excellent value. :)

Does the $79 include the cert and the True Site identity service as the GeoTrust at $175.00?

Originally posted by DigitalXWeb
Does the $79 include the cert and the True Site identity service as the GeoTrust at $175.00? Yup!

Originally posted by ckpeter

Consider this, the CA sell the cert to you after verifying that you are legitimate, but can others trust you, as the one who has the wild card cert, to issue responsibly to your subdomains?



Yes, you are right. However, right after I paid the CA for my certs, they won't use the excess money I paid them to make sure I will be using the cert responsibly.

Originally posted by Rehan
Yup!

Thanks for the info!!

Yes, you are right. However, right after I paid the CA for my certs, they won't use the excess money I paid them to make sure I will be using the cert responsibly.
That's a really good point. But I don't think it's *quite* that simple. For instance, you contend that they are selling something for more, simply because they can...that they don't have any more money invested in that cert than they would with a single domain cert.
But the fact is, they are providing MORE to you than if you purchased a single cert. Whether it costs them more to provide it or not.

<tangent>
For instance...at least everywhere I've lived here in the US...on every one of my telephone bills, I've always paid an additional amount of money for the benifit of being able to use a touch-tone telephone. Now, what Ma Bell doesn't tell you is that it actually costs them LESS to provide this over pulse dialing, but you get charged for it anyway. Even though that's pretty stupid, I would NEVER stop paying that fee, because it's a real bitch waiting for a call to go through while you're waiting for the number to finish dialing.

The same for unleaded gasoline. It wasn't *that* long ago when you could pull up to a gas pump and choose from regular or unleaded. Unleaded costs the gas companies LESS to produce, but always cost MORE at the pump. Why?
</tangent>

I'm not saying your arguement is totally baseless. In fact, I'm going to bring it up to my sales rep at GeoTrust the next time I speak with him. But sometimes, I guess life just aint fair. :)

Hi!
I guess you could try entrus.net

I haven't tried it ....
Thawte is good and we like it... :)

have a great day :)

regards
amar

Originally posted by bobcares
Hi!
I guess you could try entrus.net


Do you mean http://entrust.net ?

I just wanted to bring up something about the price differences. I found that with Verisign, you pay $349.00/year for a 128 bit SSL cert and you not only get the security, you also get a $100,000 protection insurance. This will allow you to have some extra insurance just in case anyone is able to hack into the ordering page.

I dont think that Thawte offers protection insurance with their $125.00/year SSL certs, but I could be wrong.

I would think that it would be better for a business to have this special sort of protection in case anyone does hack the system and make charges to the credit cards.

Just a thought.

Jim

Originally posted by jimb
I would think that it would be better for a business to have this special sort of protection in case anyone does hack the system and make charges to the credit cards.That's not really what the insurance covers... From http://www.verisign.com/repository/netsure_faq/ :NetSure is an extended warranty Internet program which provides Digital IDSM holders with protection against accidental occurrences such as loss of the subscriber's private key (corresponding to the public key in the Digital ID) and theft, corruption, impersonation, certain loss of use and unintentional disclosure of a subscriber's private key to others, provided that you, a subscriber, have fulfilled your obligations. Firstly, it has to do only with cryptographic functionality and the management of the key data, not the overall protection of your server (a hacker could break in and steal data if you're using weak passwords, and that would be no fault of Verisign). And while insurance for the protection of the private key is of value in cases where Verisign holds that private key, that doesn't apply for SSL certificates -- a certificate is basically just a signed public key; the public key and some additional information are all that are included in the CSR.

So it's mostly just a marketing tactic...

double post

To me the most important features of an SSL cert are, Identity, & Compatibility. If neither of these are important to you, get the freessl cert. The QuickSSL certs are a step up in both areas, but still a bit behind in browser compatibility, and the proof of identity is pretty weak. Anyone can register a domain name, and put their name in admin contact. Does this mean that they are actually affiliated with the business that their domain says they are? I was actually pretty shocked how easy it was to get a cert from them. Quick, easy, & cheap is good, but not when it's at the expense of security. This is not to say that other companies certs cannot be fraudulent (remember verisign & microsoft?), but any extra steps in identity verification are helpful.

Just my opinions...

-Dan

So the next level of business identification above a QuickSSL cert only requires a DUNS number, or a federal EIN number.

Both of these are free.

Both require very little proof of who you are - if any.

I'm not sure they are a significant step up from QuickSSL certs with regards to identify guarantee.

Now I sell both, and I'd much rather sell an eBusiness cert than a QuickSSL cert since there is significantly more profit in it for me, but I'm not yet convinced they are that much better in the end.

As for QuickSSL browser compatibility, you need to be concerned only if you are serving a significant number of older browsers. Check out your web logs and see what people are using. The 90% of all browsers claim is based on a fairly arbitrary cutoff point of older browsers. In fact I think it's based on a University study - where the computer users are mostly captive within the campus, and have very old systems with little interest in upgrading.

On one very busy ecommerce site, my customer added a QuickSSL cert to secure another subdomain on the site. He already had a Verisign cert on his main secure directory, and he did not want to buy a wildcard cert. He opted for the $99 QuickSSL cert, and has had 100% compatibilty for the past 40 days. He processes about 20,000 transactions a month through this new cert, without any problems yet.

Again, your client base will determine if you have any compatibility problems.

-t

Hey Guys,

Just as an FYI, Equifax/Entrust are not chained from us anymore, they have their own roots now (in the latest browsers)

Cheers,

Originally posted by thewitt
So the next level of business identification above a QuickSSL cert only requires a DUNS number, or a federal EIN number.
-t

Hi -t,
I didnt know they required an EIN or DUN. I dont think a person can get and EIN if you dont have any employees. What are the options for folks do that dont have employees?

What is a DUN?
Thanks

ssl4less.com

am I going blind, where does it say $79 the cert costs $99 :eek:

We have a cert from them and it costs $99 not $79, dont lead people on..............

Kind Regards.

Originally posted by cabalstudios
ssl4less.com

am I going blind, where does it say $79 the cert costs $99 :eek:

We have a cert from them and it costs $99 not $79, dont lead people on..............
No, you're not blind...just a little late to the party. They were $79 when the earlier messages in this thread were posted, but it looks like the price has now increased to $99. Still a good deal...

Apologises,

I should have looked at the date(s)...

No hard feelings :cartman: