Jump to content

SSL Certificate Product Selection Help

Recommended Posts

I'm not very knowledgeable on the security side of things, so I thought I'd run these options by you guys in hopes that you can offer some input.

I'd like to implement SSL for my entire site, and will need to purchase an SSL cert obviously.

Below are the 4 currently available options I can get directly via my hosting company.

Any thoughts around the options and pricing?

Not sure if the GeoTrust QuickSSL Premium supports subdomains like Comodo Essential Wildcard does, but that seems like something to consider/verify.

GeoTrust RapidSSL

Price: 30.00 USD/year

A domain validation certificate that provides complete encryption. Issued in minutes, easy to set up and install. Ideal for just getting started.

Comodo Essential

Price: 35.00 USD/year

A basic domain validation certificate that provides complete encryption for a very low price.

GeoTrust QuickSSL Premium

Price: 150.00 USD/year

A domain validation certificate. Issued in minutes, with an extended warranty of $100,000 USD and a dynamic True Site Seal.

Comodo Essential Wildcard

Price: 150.00 USD/year

A domain validation certificate. Streamline your process and easily manage your domain and subdomains under the same SSL certificate.

Link to comment
Share on other sites

You can think SSL choices in simplified manner like this:

Do you want a fancier lock that means paying extra (and paper work involved)?

Then you get the EV. Prices usually in 150 -1000 per year.

Or do you want a cheap one?

Then you get the cheapest option out of everything. Prices usually in $7 - 30 per year. (even cheaper at longer terms)

Now, special case. If you need multiple subdomains also covered, you need the wildcard version of either two. Pricing of these is usually x10 of above. So, if u have less than 10 subdomains to cover, you can just buy X number of above instead to save money.

Everything else in between. No one will notice that there is a difference. NO ONE.

Link to comment
Share on other sites

  • 3 weeks later...

For the purposes mentioned, any valid SSL certificate will work.

I used ones from Namecheap that were on sale at the time for $2.99 and they work fine. I believe they were Comodo brand, but not certain.

There's a trick to getting cheaper PositiveSSL certificates with Namecheap. Purchase a 1 year WhoIS Guard subscription for $2.88 and you'll be able to add in a PositiveSSL certificate for $1.99 (vs. the regular price of $9.00)

The end cost is $4.87, so even if you will have no use for the WhoIS Guard subscription, it's still cheaper than buying a SSL certificate alone.

Feel free to thank me for this tip by using my affiliate link if you decide to purchase from NameCheap :tongue:,


(Staff feel free to nuke the affiliate link if that's not allowed also)

Everything else in between. No one will notice that there is a difference. NO ONE.

I remember how this used to always bother me. It still does. I spent hours researching and asking around on IRC trying to figure out what the real difference between CA's was, and could never find an answer that I was satisfied with. I know Comodo's CA has been compromised before, so have some other CA's, but chances are none of this actually matters to you anyways. Your clients are not going to care which you go with, so don't believe that marketing gibberish.

I use RapidSSL on my primary forum right now and PositiveSSL everywhere else.

CA's in general all seem to be ridiculous scams. They provide a currently necessary service, sure. But it's a ridiculous exploitative monopolistic market. Want to use a CA that has compatability with stone age browsers? You have no choice but to go with one of the major players that have been around for a long time. They also charge you hundreds of dollars to process some paperwork, verify you own a business, and give you a SSL certificate with a pretty green bar.

If you try and buy from Comodo directly, you'll end up paying $49/year. If you buy through NameCheap directly, you'll pay $9/year. If you get a PositiveSSL certificate with a domain name or WhoIS guard subscription on NameCheap, you'll get it for $1.99 for the first year.

Don't you love those huge price gaps?

Link to comment
Share on other sites

I do believe the fancier lock has value. Because it confirms your business. A scam, phishing, etc. site will get a cheap ssl. But they will never get a green one. So it adds trust for your customers. SSL manufacturer's marketing aside, it helps YOUR marketing. If you have an ecommerce site, your users will more likely purchase more easily with a fancy lock. Even if it's a very small degree of influence, if you have a high transaction count, it may be worth more than $200 or w/e to you. So, it's a bit like an investment. SSL manufacturers realize this and are reflectively charging you for it. And the fact that they actually gotta work unlike the other auto-issues.

And yes, SSL business is quite lucrative as it forces small number of players. Comodo 49/yr isn't the bad one... it's ones like verisign... That REALLY works with stone age browsers. And charges you 10x more for it. Again, if you make enough sales so that 1% of these crappy browser users make a difference to you, you pay the extra.

In business, I've been always taught to charge based on what you can get, not what it costs you. I'm sure their MBAs was taught similarly.

Link to comment
Share on other sites

Oh of course, I'm not doubting the value of EV certificates. But to be honest, most users are probably ignorant enough that they'd log into any website under HTTP without a care in the world, even a banking website on a public WiFi network at Starbucks, because the average user doesn't understand any of this.

But If I operated a business, I'd probably fork over the cash for a $145/year EV certificate.

As far as comparability goes though, anyone using stock IE6 on Windows XP won't even be able to connect to any websites I run, because I only support TLS connections. :tongue:

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...