| 1:39 pm on Mar 10, 2005 (gmt 0)|
Geotrust is one that we usualy use. If it is providing 128bit encrpyption - that is the main thing. Then look at the browser compatibility.
| 4:13 pm on Mar 10, 2005 (gmt 0)|
Instant SSL seem to do the same thing as geotrust but they are cheaper. Also the offer a warrenty system where you are inssured for purchase upto $2500 (for the level I have been looking at).
Should I be seduced by this offer of warrenty?
| 4:23 pm on Mar 10, 2005 (gmt 0)|
You might check out ev1servers also - see if you can get the cert from them at a cheaper price.
And honestly, I have never paid any attention to the warranty part
| 9:47 pm on Mar 10, 2005 (gmt 0)|
You should try godaddy. They have 128 SSL starting at $30 per year and they own their own root. I've always been satisfied with them.
| 11:19 am on Mar 11, 2005 (gmt 0)|
I bought mine from ev1servers as a result of a recommendation here. Very pleased with it, a Geotrust Quick SSL Cert for $49 how can you go wrong? ;-)
Would have cost me $169 direct from Geotrust!
| 11:32 am on Mar 11, 2005 (gmt 0)|
Why not to use FreeSSL (now RapidSSL). It's about $45, I've bought it -- seems OK.
| 3:13 pm on Mar 11, 2005 (gmt 0)|
I've bought numerous cerificates from InstantSSL, all working perfectly well and once you've bought one, later ones are delivered within the hour!
I really can't see the point in spending any more by using another supplier.
| 3:55 pm on Mar 11, 2005 (gmt 0)|
just to put in the other side of the coin.
i would never go with anyone other than verisign, or, if on a tight budget, thawte.
it obv. depends on what industry you are in, but in ours - travel - we need every confidence help we can get, and a name like verisign works wonders.
| 4:34 pm on Mar 11, 2005 (gmt 0)|
Thanks for all your replies, very helpful. Just another question, whats the significance of the certificate issuer owning their own route?
Why are versign so expensive, and what do they offer that the other don't?
| 7:28 pm on Mar 11, 2005 (gmt 0)|
>> Why are verisign so expensive, and what do they offer that the other don't?
brand. imo, there is something reassuring for a buyer knowing he is being protected by the world's biggest ssl provider. and of all of these brands above, the chances are more likely he knows about verising than the others.
[edited for clarity]
| 1:48 pm on Mar 12, 2005 (gmt 0)|
Thinking about it though, how many people actually check the certificate? I think most people just look out for the padlock and some might check the url starts with https.
| 11:00 pm on Mar 12, 2005 (gmt 0)|
Most do not actually. But with verisign, they give you their logo to use on your website actually
| 9:29 pm on Mar 13, 2005 (gmt 0)|
I think that essentially at this stage I just need a secure connection, I think that as things start to ramp up I may benifit from verisign brand, but at this stage I can't see that I will get any benefit from spending another £200.
I think that you are right about people not checking the certificate, I know that in the past I haven't. I have only just started checking as I have been looking into ssl.
Thank you for all your input.
| 9:38 pm on Mar 13, 2005 (gmt 0)|
We've used Thawte for about 5 years now. No problems whatsoever.
| 10:06 am on Mar 14, 2005 (gmt 0)|
What problems might you expect from a certificate provider.
| 2:31 pm on Mar 14, 2005 (gmt 0)|
Some of the bigger problems is that they are not automatically installed on a browser.
For example, Verisign has already been installed on almost all the browsers out there. You can actually issue you own cert - either thru your server or thru someone like cacert.org. You will get 128bit encryption, but the cert needs to be trusted on that computer first. And the general public does not really know what this means.
| 9:19 pm on Mar 14, 2005 (gmt 0)|
Is there a way to check what are the more common certificates that come installed on a browser or is that what the ssl providers mean when they say that there certificates are excepted by 99% of browsers?
| 11:25 pm on Mar 14, 2005 (gmt 0)|
Well on IE, go to Tools - Internet Options - Content - Certificates. Here you will see what ones you have installed on your system actually
| 12:06 am on Mar 15, 2005 (gmt 0)|
Comodo (InstatSSL) does not own their own root and GeoTrust will tell you this is a bad thing. This is only bad if Baltimore ever revokes the Comodo certificate. IMO this is unlikely.
GeoTrust has a slightly less browser installation base than the other major CAs. The main difference is that the GeoTrust certificate was not included in the IE 5.0 release, whereas most of its competitors were (Verisign, Thawte, Comodo, etc...). IE 5.0 users make up an estimated 3% of the Internet population.
I have been working on compiling CA data into a comparison web site. If you are interested, sticky note me and I will reply with the URL.
| 1:04 am on Mar 15, 2005 (gmt 0)|
You might want to check and see if your host offers a shared SSL certificate. I'm no authority on any of this...but that is how I am implementing SSL with no additional out of pocket.
Really was pretty easy...only drawback being the odd URL in the address line. (host/username/page instead of mysite/page)
Had to turn off Frontpage extensions and make sure I called all images using the https://host/username/filename path.
| 10:23 am on Mar 15, 2005 (gmt 0)|
Thanks for the suggestion, I have checked about a shared ssl, which my host do not provide, well they do but, it doesn't seem any cheaper then buying a certificate just for my site. (if you are comparing price with instant ssl). So I thought that I would bite the bullet and get one for our site alone, just which bullet should I bite? However this discussion is helping to make things clearer.
| 8:13 pm on Mar 15, 2005 (gmt 0)|
Verisign actually owns Thwarte, "or they did the last time I check", so I use the Thwarte logo, but have "Thwarte - A Verisign Company" below it.
This probably violates some logo license agreement and no body has bothered me on it.
However, for Joe Blow Average consumer, they just care about the padlock, and don't care or understand certificates anyways.
For us, we have one holding company, and upon checkout from our various subsiduaries (different websites), they are routed to our holding company payment gateway. That way one certificate is shared amonst all my websites.
Here is the latest market share info for the major certificate issuers.
As you can see, verisign is losing market share due to it high prices.
[edited by: lorax at 8:48 pm (utc) on Mar. 15, 2005]
[edit reason] delinked [/edit]
| 5:00 pm on Apr 6, 2005 (gmt 0)|
i just started using Verisign... After my first year of operation with a quickSSL from Geotrust, which worked great.. But i think once you start getting around 300-400 visitors a day, depending on what you are selling the brand name "VeriSign" can instigate more then enough purchases to pay for itself .. I've actually had a few customer ask me "where is the verisign logo", not even knowing there was other options.. so i figured if people are asking, then the amount of visitors thinking the same thing must be expontially higher... 1000 bucks a year is really expensive, and Verisign probably isn't worth it until you are hitting the higher numbers.. But once things are rolling i think any site can quickly benefit from using it... all the other SSL's are great and recognized as well, but using verisign seems to be point most sites will eventually hit once enough sales come in..
| 11:04 pm on Apr 8, 2005 (gmt 0)|
Hi Red_Eye.. you must be younger than me :)