If you want a run of the mill certificate then I would suggest www.CheapSSLs.com who are owned by NameCheap, I do believe. I'm a big fan of RapidSSL certificates but frankly, the uber cheap PositiveSSL certificates will serve you just as well.
You could get a wildcard SSL certificate for all of your sub domains *.mysite.com or just buy two SSL certificates, whatever is cheaper for you. Pretty much any place you buy them from will have instructions on how to install them. If you're using a control panel, it will be even easier for you to do.
You can buy a seperate SSL for 2 domains, or can buy a wild-card SSL that can be installed for any hosts something.mysite.com. The price varies upon the providers and the feature set, but an average one can cost upto $100 an year(Wild-card one costs much higher).
Kevin Cheri : Senior Server Administrator / Freelancer : 9+ years Exp, reach me out for any help Server Optimization Expert / Mysql Guru / Migration Specialist
Skype : lynxmaestro
Gmail : [email protected]
You don't buy a certificate. You buy the signing of this signature by a browser recognized Certificate Authority.
The differences between the multiple choises you have are:
- browser recognision of that CA
- what do they check before signing it (there are free CAs that only check owner of the domain before signing the request).
Independently from what CA signs your certificate request, your https website's security relies on:
- What cipher suites you use (what encryption algorithm, what key exchange and what authentication mechanism)
- Protocol you use (at least SSLv3, TLS1.1)
- Your server's OS security
- Vizitor's browsers (older browsers have ssl/tls vulnerabilities).
I.E.: StartTLS (i don't work for these guys, but they're pretty cool and you'll see why) signs certificate requests for free. They only verify you are the owner by sending you a confirmation email to root/postmaster/admin @ yourdomain.com. The rest is easy. They sign only for one year and they give you the option to set two CNs (one for a subdomain and one for the domain, i.e.: subdomain.mysite.com and mysite.com).
Depending on what CA you choose to sign, they might add multiple CNs by adding multiple SubjAltName directives into the certificate or they might give you a wildcard signed certificate (*.mydomain.com), but these wildcard certificates do not support "mydomain.com", but they will support any subdomain for it (except for test.sub.mydomain.com). You just need to make sure you know what you need and then start hunting.
Its pretty unbelievable that you haven't looked into SSL certificates yet after running a web hosting company. It is an essential part of the web hosting era and every hosting company uses it to protect their sensitive data from eavesdropping, like client area.
Ok, SSL / TLS is cryptographic protocols. The purpose of SSL certificates are the following two mainly,
1. To encrypt the communication between end user and server.
From where you can get it :- If you plan to sell it your clients, you can sign-up for a reseller account to any provider like cheapssl, ***********, etc ( some others can bring you more suggestions ). Select a good provider and sign-up for a reseller account to them, so that you will get SSLs in cheap rate.
PS: Consider protecting your WHMCS with SSL as soon as possible.
As others mention, either 2 SSLs, or 1 wildcard - Personally I would buy a wildcard, because it might become useful, lets say you want to protect:
whatever, then a wildcard is usually recommended. If you use 2 SSLs you need to keep in mind, that if you're using cpanel servers, you need to use CentOS6 to run SNI which is a TLS/SSL extension that allows you to run multiple certificates on same IP.
A PositiveSSL Wildcard will protect mysite.com, www.mysite.com, and controlpanel.mysite.com etc.