Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

How to choose a SSL provider

D

davbeck

macrumors regular
Original poster
May 16, 2008
104
0
Reno, NV
I need to get a SSL certificate for the first time and was wondering which company would be the best choice and what the differences were between services.
For instance, why does GoDaddy offer certificates for as low as $30/year but Verisign starts at $400/year? Is it warranty? Is it compatibility with browsers?
 
Maybe it has to do with the website administrator and how valuable the owner feels the user data is.

If you're making lots of money online, why not go for the $400 certificate?
 
where does ssl come into the picture at.

i am learning web development on my own. And just now getting into PHP and MySQL, i do more research on topics then any thing, i have not seen a requirement for SSL.
Would the need for SSL be in CGI. ?
Or where is the need for at.
Thank you.
 
secure socket layer

paperbag said:
i am learning web development on my own. And just now getting into PHP and MySQL, i do more research on topics then any thing, i have not seen a requirement for SSL.
Would the need for SSL be in CGI. ?
Or where is the need for at.
Thank you.
Click to expand...

SSL stands for secure socket layer. It encrypts information on the internet. You use it if you are dealing with sensitive information. So you might never need it.

Websites for financial institutions and health organizations use SSL, but they pretty much are required. My company web email is also encrypted because we don't want proprietary information to be snooped.
 
SSL is not just about encryption. SSL certificates also provide the end-user with an assurance that you (the web site operator) really are who you say you are.

In simple terms, the certificate issuing authority is vouching for you and your organizational and contact information presented in the certificate.

The main differences in certificates are (1) the reputation of the issuing authority, and (2) the level of diligence the issuing authority will perform to issue the certificate.

Regarding (1), anyone can generate a secure certificate. Just download OpenSSL and Google for instructions. But certificates are useless for public use unless they're issued by an source that is well known and trusted.

To expand on (2), cheap certificates usually provide very basic validation; they just verify that you have administrative access to the domain (by emailing you at the domain, for example). Expensive certificates generally require a much higher level of verification by the issuing authority (they might actually call you, require you to submit organizational documentation, etc.) and therefore can offer a higher level of trust to the end-user.

In real world use, most end users aren't educated enough to care about the level of diligence performed and the quality of the certificate; all they need is to see the little padlock icon and not receive error messages. But if your business can afford it, a premium certificate and the added level of trust it provides is a small price to pay to assure the small number of users who *can* tell the difference.
 
davbeck said:
I need to get a SSL certificate for the first time and was wondering which company would be the best choice and what the differences were between services.
For instance, why does GoDaddy offer certificates for as low as $30/year but Verisign starts at $400/year? Is it warranty? Is it compatibility with browsers?
Click to expand...

If money is an issue, you can also consider using cacert.org. However the root certificate is not standard available in most browsers. And you have you do some work for it to get authorized. (web of trust, so you have to go around and show several people your id )
 
Is godaddys $30/year plan going to be compatable with most browsers (anything with over 1% of the users)?
I am willing to sacrifice assurance for price right now and upgrade to a better company after the website has made a little more money, but I don't want anyone getting a warning saying I'm not who I say I am.

Also, am I correct in thinking that an SSL connection secures data coming to and from the server (rather than just one way or the other)?
 
davbeck said:
Is godaddys $30/year plan going to be compatable with most browsers (anything with over 1% of the users)?
I am willing to sacrifice assurance for price right now and upgrade to a better company after the website has made a little more money, but I don't want anyone getting a warning saying I'm not who I say I am.

Also, am I correct in thinking that an SSL connection secures data coming to and from the server (rather than just one way or the other)?
Click to expand...


GoDaddy.com certificates have 99% browser ubiquity. There's more information on compatibility in the following help articles.
http://help.godaddy.com/article/1139
http://help.godaddy.com/article/1140

Our SSL Certificates are based on the established industry standards — there is no technical difference between GoDaddy.com certificates and a certificate from any other major Certification Authority.

An SSL certificate is a digital certificate that authenticates the identity of a Web site and encrypts information sent to the server. When an Internet user attempts to send confidential information to a Web server, the user’s browser accesses the server’s digital certificate and establishes a secure connection. Feel free to contact our 24/7 support staff at 480.505.8877 if you any other questions.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back