i used the basic one from Thawte, quick turnaround and cheap

I'm using xramp; they're very economical over 3 years.

Godaddy has them for $29 a year and they are very popular.

Is the GoDaddy one 'compatible' though? I could be wrong, but i swear we installed one of those once for a client and I got a security message from the browser.

Again, i could be wrong so if someone could let me know.. that price sure is right.

I got one from RapidSSL today - $69 or about $36 for a renewal. Fast turnaround. Phone support available and they answer. They have fast and effective verification process.

I also have used Comodo - more expensive and possibly better recognition, and I found great customer service over email. I think they have a more in-depth verification process.

Make sure your SSL Certificate Signing Request (CSR) uses your choice of WWW or NON-WWW. I made that mistake on this occasion, and had to go through the process twice.

There are just too many older browsers out there still to consider anything but the extremely overpriced VeriSign. Sure, it's a couple hundred bucks more than everyone else, but that's just a couple of sales per year. We tried one of the cheaper solutions but after the first time I heard that a customer called to place an order because their browser said our site was not secure, we went right back to VeriSign. I can't wait for the old browsers to join the graveyard, but they are not yet there. I figure that for every one person that calls in an order because of lack of compatibility, 20 other people just leave.

Unfortunately, VeriSign is still the King of Compatibility.

Fully agree with corbing. I know from experience, unless you want to deal with shoppers complaining about pop-up boxes stating the certificate is "not secure", pay the extra money and go with Verisign.

There are just too many older browsers out there still to consider anything but the extremely overpriced VeriSign. Sure, it's a couple hundred bucks more than everyone else, but that's just a couple of sales per year. We tried one of the cheaper solutions but after the first time I heard that a customer called to place an order because their browser said our site was not secure, we went right back to VeriSign. I can't wait for the old browsers to join the graveyard, but they are not yet there. I figure that for every one person that calls in an order because of lack of compatibility, 20 other people just leave.

Unfortunately, VeriSign is still the King of Compatibility.

Very true. I am using Thawte at the moment because of this. Otherwise I would have used the much cheaper solutions out there.

It really doesn't sound that great when you have a SSL issued by "GoDaddy". Most techsavy people are familiar with this name, but when I told my father about godaddy, he impression of this company was VERY negative.

@Raymond

I told my father about godaddy

Is your father a web-guru? :)

No :D. He is the type that takes a few days to understand the concept "double click".

We've never had a problem with godaddy. They have 99% browser recognition, and I've never had a customer complain. Besides, no one actually looks to see were the Cert. comes from, all they look for is the "Lock" at the bottom of the screen. Unless your customer base is "Tech Savy" by nature because of what you sell, I think they are fine.

The problem is GODADDY doesnot support Indian merchants.
Verisign will be too expensive for us at the moment.
Thawte is something we can look for as they have monthly payment options.
How do you guys rate xramp and rapidSSL?

Verisign still exists because people still believe this browser compatibility issue. Verisign, Thwarte and GeoTrust has insignificant differences in browser compatibility, but with a factor of 5 to 10 in price.

The fact is Verisign is no longer the leader in marketshare, so if somebody has such an ancient browser, that they are getting a certificate warning, they are probably getting the same warning from over 60% of the websites out there.

In other words, the customer won't blame you, they will blame themselves.

I've had good luck with RapidSSL.

The browser-compatibility problems are a myth. 98% of my visitors use a modern browser, and the other 2% have issues not specific to my site.

Verisign still exists because people still believe this browser compatibility issue. Verisign, Thwarte and GeoTrust has insignificant differences in browser compatibility, but with a factor of 5 to 10 in price.

The fact is Verisign is no longer the leader in marketshare, so if somebody has such an ancient browser, that they are getting a certificate warning, they are probably getting the same warning from over 60% of the websites out there.

In other words, the customer won't blame you, they will blame themselves.

I disagree. Customer will not take responsiblity for security error messages caused by older browers. Most customers don't know better and will just shop elsewere to avoid the warnings.

If the customer browser is 7 years out of date, their machine is probably full of security holes, virus's, spyware and trojan's also.

These people have their head in the sand, they are not going to let a few security popups slow them down.

And even if it does, do you want this type of customer?

As a follow up, Im obtaining 99.95 % browser compatibility using GeoTrust. So the pontential of a problem is one in 2000, and since most conversion rates are around 1%, the potential for a loss customer is 1 in 200,000, for using GeoTrust or Thwate over Verisign.

With the issue of identity theft on everyone's minds these days, I think that if people see the SSL is issued by an unknown (to them) company, they might have misgivings about how safe the site is. I know I would.

I don't like to admit it, but it's also a brand/image issue. VS has higher brand recognition (and therefore, to some extent, trust) than other companies. For many people, if they don't see the VS logo, they think the site is being cheap by using an "inferior" SSL. (Yes, SSL is SSL for the most part, but not in the minds of Joe Consumer.)

Remember that first impressions are important to consumers. Which salesman looks better to you- the one in the Brooks Brothers suit driving a new BMW or the one in an off-the-rack suit driving a 5 year-old Hyundai?

Verisign, Thwarte and GeoTrust were the original SSL authorities and have about equal brand recognition.

GeoTrust and Verisign have each been pushing that they are number #1 in the certificate market. I don't know who is right.

The one good thing to come out of this, is Verisign will need to lower it prices (even more than they have)to remain competitive, which is a good thing.

I think the best rule of thumb, is don't spend alot on a certificate when you first start out, incase your business does not pan out. If things are going strong,
then you can move to a name brand certificate, to tweek the conversion rate. When you get over a million in sales, go with Verisign to catch those few extra sales.

Geotrust QuickSSL - purchase through ev1servers.net and you save $140. You actually deal/confirm with GeoTrust and also you renew through Geotrust at the same $49 you originally paid. I've done this for the past 4 years (though they were rackshack then).

Doing some more research. It appears that the browser makers are concerned about phishing attacks and are looking at some point in the future of displaying, security infomation in the address bar.

green address bar will be from high-assurrance certificates (certificate issued on company validation)

yellow address bar will be from low-assurance certificates (certificate issued on domain name)

red address bar will be from known fraudsters or phishing attacks)

You can imagine what a yellow address bar will do to your conversion rate over a green address bar.

So in a year or so, we will be arguing over high-assurance vs low assurance certificates, not the ssl provider.

I use Godaddy. If you can afford use Verisign as it as good recognition among the users.