Is there a difference from the super cheap SSL's to the expensive ones? Can someone be out of a shopping experience because of an over burdened SSL server? Anyone have experience with SSL servers being down because they chose a really cheap SSL authority?

I know that having the brand name Verisign is an advantage, but let's leave that aside. Can cheaping out leave your shoppers without SSL?

<< removed >>

As far as the working of the certificate goes, there is no difference between the cheaper ones and the same certificates from expensive companies like verisign, thawte etc.

There are other differences however, like for example the damage coverage etc.

HTH

Regards,
wakh

Love how you put your link in the post to create backlink?

If you're doing a high amount of financial transactions a day (or even a month), I suggest you go with a more expensive certificate such as verisign or high assurance one provided by GeoTrust.

From what I can see, the cheaper ones don't come with any assurance or warranty.

when would somebody use the warranty anyways? ever heard of a case where they get paid back?

Love how you put your link in the post to create backlink?

yeah well that, but to show my site that I'm referring to. The items are small ticket items and doesn't do a huge amount of business. so i'm not opting for the $1000/yr certs, but just wondering if the $10 ones work just as well. or any pitfalls anyone might know about. plus who doesn't want a backlink =P.

Your average consumer has no idea what an SSL certificate is, and even if they do they've probably never heard of VeriSign or Thawte anyway.

Save your money.

From what I knew, there are a slight differences in this aspects :

- Browser Recognitions
- Amount of warranty/assurances
- Ease of Extended Validation (EV)
- Bit of encryption

But none of them are highly affect your customers in PoS state.
Conclusion : Use the cheapest one IMO

From what I knew, there are a slight differences in this aspects :

- Browser Recognitions
- Amount of warranty/assurances
- Ease of Extended Validation (EV)
- Bit of encryption

But none of them are highly affect your customers in PoS state.
Conclusion : Use the cheapest one IMO

All the points you mentioned are correct except the last one. Certificates does not decide the bit of encryption. They can only have different key lengths, that's it.

What if the SSL provider is down. Does it check the SSL provider's servers? I figure cheap ones might cheap out on their hosting. Or is that not even a factor?

That's not even a factor.

Does anyone have a link to a cheap SSL provider? Whats the cheapest I can get a green bar for? (They're still expensive right?)

The cheapest I've found EV SSL certificates is with Entrust (http://www.entrust.net/ssl-certificates/extended-validation.htm) ($275/yr).

http://www.startssl.com/ <-- been hearing a lot of good things about them and will be giving them a go myself.

They offer free SSLs to to start with.

http://www.startssl.com/ <-- been hearing a lot of good things about them and will be giving them a go myself.

They offer free SSLs to to start with.

Looks pretty good - though for some reason their site makes me not want to trust them :/

@Mike - Cheers - They look pretty good!

Your average consumer has no idea what an SSL certificate is, and even if they do they've probably never heard of VeriSign or Thawte anyway.

Save your money.

I think you're right about this, but based on my experience, they still like to see that seal of "approval" on the site. And, since you can't just use a seal without actually being certified, I'd say go with a moderately priced solution.

You can even get a Free SSL certificate when you get any of the service at namecheap

Personally I also look at the design of the secure site seal. Some of them just don’t seem to inspire great seriousity/security.

Just saw that Go Daddy offers SSL Certificates with Extended Validation for only $ 99 - if you have a registered company in US, Canada, UK, New Zealand or Australia.

Personally I also look at the design of the secure site seal. Some of them just don’t seem to inspire great seriousity/security.

Just saw that Go Daddy offers SSL Certificates with Extended Validation for only $ 99 - if you have a registered company in US, Canada, UK, New Zealand or Australia.

Interesting. Although you could make your own generic SSL cert. But SSL to me is all about the image of security for people who have no idea what it is.

Search for RapidSSL and you can find a good cert for around $80.

Do you want a site seal? Some of the real cheap SSL providers do not offer a site seal with their cheapest certificate. I always suggest a site seal to my customers as it does make some consumers feel safer. And in my opinion it makes your site look more professional.

I believe the only real differences between brands is browser recognition. For instance one cert may have a 99% recognition compared to a more expensive cert may have 99.5% or better. And with the advent of most of the browsers currently in use having similar code bases there is little chance your customers will be using a browser that does not recognize your SSL certificate.

I just bought a GoDaddy cert the other day for my own site and the site seal is a little Hoakie looking. I may go back to Comodo which has a high quality looking and working site seal.

Interesting. Although you could make your own generic SSL cert. But SSL to me is all about the image of security for people who have no idea what it is.

When using a generic SSL cert you have created yourself - you would receive a rather scary warning when visiting the site telling the visitor that the SSL cert is issued by a non trusted company. Your communication would be encrypted – if your customers is not scared away.

Search for RapidSSL and you can find a good cert for around $80.

They are actually $10 @ NameCheap. Going through resellers is usually cheaper. As far as is a more expensive SSL better, yes and no. Yes, because those more expensive SSL's such as EV and Business Validated give you consumer tha protected feeling. The green bar makes certain people feel safer, but there is no point of that unless you are processing a lot per month. Otherwise, a cheap SSL will do.

There is not much difference between the cheaper ones and the same certificates from expensive companies

From what I knew, there are a slight differences in this aspects :

- Browser Recognitions
- Amount of warranty/assurances
- Ease of Extended Validation (EV)
- Bit of encryption

But none of them are highly affect your customers in PoS state.
Conclusion : Use the cheapest one IMO
Positive.
Thats what I was going to reply.
Thawte, Verisign & GeoTrust have strong base in the SSL Market also they are more recognized than the other 'cheaper' SSL Companies.

If you go for an expensive SSL, then your client can know that you are serious about the encryption security of the billing area.

Anyways, not much people know about SSLs and etc, so buying an expensive one is not worth it :p

Go for cheaper one...

Is there a difference from the super cheap SSL's to the expensive ones? Can someone be out of a shopping experience because of an over burdened SSL server? Anyone have experience with SSL servers being down because they chose a really cheap SSL authority?

I know that having the brand name Verisign is an advantage, but let's leave that aside. Can cheaping out leave your shoppers without SSL?

<< removed >>

Most SSL authorities aren't the problem, it's with the MYSQL database that can bomb out when you use cheap hosting. We had a Godaddy account with basic hosting and had to upgrade because the database was timing out so much we were losing customers who couldn't purchase.
Get at least a virtual server so you're not one of 400 customers shared with rock bottom hosting packages. Also generate a 2048 bit key, not the 1024 bit which is less secure.

www.namecheap.com they are good and cheap, comodo, rapid and so on.

www.namecheap.com they are good and cheap, comodo, rapid and so on.

Agreed, we got our EV Geotrust dirt cheap from there.

www.namecheap.com they are good and cheap, comodo, rapid and so on.

Going to have to 100% Agree with this post, Namecheap is the best place to get SSL Certs, We are going to get EV with them soon enough.

a yellow padlock is a yellow padlock, cheap or expensive. EV SSL is the one that the big guys are using now.

if you are buying SSL so that people will trust you and do more business with you, then imo you should use site seals as well. Afterall your customers buy your trust before they buy your products.

Melih

PositiveSSL now offer $5/year.
But it not work well on some Firefox version.

Do people have any regard for the site seals? I always thought they were worse than useless (read: cheesy at best, indicative of a fraudulent site at worst).

there are many types of SSL certificates available, wild card work with or without www as prefix, normal SSL work only with either or www. ssl with extended gives more corporate look by coloring address bar green.

I think GoDaddy SSL is like $25 a year. Good combination of reasonable pricing and recognizable name I think.

There are SSL Certificates for $5 from well known brands too.

thanks

Melih

PositiveSSL now offer $5/year.
But it not work well on some Firefox version.

I am not aware of any problems with Firefox. Please tell us which version of Firefox.

Yes PositiveSSL uses Comodo roots and is $5 (for a limited time)..

Melih

Insurance ability also is also taken into account.
Standard SSLs can insure from $10,000.
Higher-end SSLs can go to $250,000 and higher.

What gateway are you utilizing? Most Gateways today include a excellent SSL.

Yes comodo is cheap :)

How about stable, quality, performance. If your doing 1000 transactions per day, can your cheap gateway process that many tranz. (nothing wrong with inexpensive)

How is their servers, backups, load balancing etc.

Is there a difference from the super cheap SSL's to the expensive ones? Can someone be out of a shopping experience because of an over burdened SSL server? Anyone have experience with SSL servers being down because they chose a really cheap SSL authority?

I know that having the brand name Verisign is an advantage, but let's leave that aside. Can cheaping out leave your shoppers without SSL?

<< removed >>

Even a place like Starfield is very inexpensive, usually your hosting provider will help with it. Any logo will help get sales if a customer can verify it. If you have a dedicated server the support needed to install it can quickly turn into a nightmare if you use a place like Wild West Hosting or Godaddy to be warned.
It would be a realy good idea to have it done by your webhost. If you have a dedicated server you'll have to figure it out, which isn't a pleasant experience.

Technically, there is little to choose between the cheap and expensive certs as far as encryption.

What does change as you move up the scale from "Domain-only" to "Full organization" to EV is the level of checking they perform of the certificate holder. More money means a higher level of real-world assurance that the certificate holder really exists and is who they say they are.

As far as Verisign vs. Thawte vs. GeoTrust -- they're all the same company. Verisign bought Thawte in 1999, and GeoTrust in 2006.

Technically, there is little to choose between the cheap and expensive certs as far as encryption.

What does change as you move up the scale from "Domain-only" to "Full organization" to EV is the level of checking they perform of the certificate holder. More money means a higher level of real-world assurance that the certificate holder really exists and is who they say they are.

As far as Verisign vs. Thawte vs. GeoTrust -- they're all the same company. Verisign bought Thawte in 1999, and GeoTrust in 2006.

You can read more about Verisign, Thawte etc with market share information if u go to whichssl dot com.

Melih